Regional Hub Node - Noodlez.org Courses

Regional Hub Node

Module 1: Basic IT Course

Table of Contents

Chapter 1 Introduction to the Regional Hub Node

Chapter 2 Internetworking Concepts
    Written Exercise
Chapter 3 Layer 2 Switching and VLANs
    VLAN Configuration Exercise
Chapter 4 IP Addressing and Subnet Masking
    Decimal to Binary Conversion Exercise
    Classful IP Addressing Exercise
    IP Subnet Masking Exercise
    IP Subnet Allocation Exercise
    Written Exercise
Chapter 5 Introduction to Router Operations
    Password Recovery Exercise
    Written Exercise
Chapter 6 Introduction to Routing and Static Routes
    Static Route Exercise
    Unnumbered Operations Exercise
    Written Exercise
Chapter 7 OSPF Single Area
    OSPF Point to Point Unnumbered Exercise
    OSPF Point to Point Numbered Exercise
    OSPF Broadcast Multi-Access Exercise
    Written Exercise
Chapter 8 Final PE
Chapter 9 Appendix


Introduction to the Regional Hub Node


Figure: WIN-T Increment 1 Network (diagram). Nodes shown: DIV Main NETOPS, DIV TAC NETOPS, MVR BDE TOC, MVR BN CP, Regional Hub, DIV Hub, DIV TAC HUB, JNN, STT, MBCOTM, BDE CDR and Baseband, linked by WIN-T Inc 1 TDMA SATCOM, WIN-T Inc 1 FDMA SATCOM, WIN-T Inc 1b NCW SATCOM and legacy LOS (TRC-190).

• ATH beyond-line-of-sight and line-of-sight Wide Area Network for voice, data, video

• Rapid SATCOM network set-up

• NIPR, SIPR, and DSN services from DIV to BN

• Supports Transformation and Modularity

• Supports Army's ability to be JTF HQ

Configuration Items

• DMD 2050 provides FDMA SATCOM

• Linkway S2 provides TDMA SATCOM

• MPM-1000 will provide NCW at Inc 1b

• TRC 190 provides LOS

• Joint interoperability provided at Regional HUB, Div Tac HUB and JNN

The WIN-T Inc 1 network is a state-of-the-art COTS/GOTS communications network that enables the exchange of voice, video, and data throughout the tactical Army unit and into the sustaining base. It leverages commercial satellite technology to provide beyond-line-of-sight capabilities and commercial internet networking technology to increase functionality and efficiency while reducing size, weight and power. WIN-T Increment 1 components reside at the Theater, Corps, Division, Brigade and Battalion levels and provide interfaces to lower level systems including on-the-move and soldier platforms.

The RHN enables the deployment of WIN-T Inc 1 equipped units into a theater where they can immediately begin to draw their satellite services from a fully provisioned hub node operating in a sanctuary. RHNs allow satellite, voice, and data services to be provisioned and pre-positioned to support deploying forces as they flow into a theater of operation. The RHN will activate satellite carriers prior to the flow of forces into the theater, as well as provide connectivity for deployed force access to national networks. The RHN is the primary hub node when a UHN is not in-theater, or it can provide backup services in support of a Division, even if their UHN is operational.

Five Regional Hub Nodes will be deployed at fixed operational base locations to provide near worldwide coverage. They will be located in the European, Southwest Asia, and Western Pacific theaters, as well as on the United States east and west coasts.

The RHN can be divided logically into three subcomponents: satellite communications, baseband services, and network operations and user services.

Figure: WIN-T Network Architecture (diagram). Labels: Hub Node, Regional Hub Node, BN CPN (Battalion level unit), JNN (Div/Corps), Ku TDMA, Ku FDMA, DISN/GIG, DISN/GIG (cable).

Currently, WIN-T Inc 1 and legacy JNN Hub Nodes using commercial Ku and Ka-band satellite capabilities are providing the transport using Time Division Multiple Access (TDMA) and Frequency Division Multiple Access (FDMA) technologies. The WIN-T network architecture is composed of four primary nodes that provide support to various elements within the Army and Joint Forces:

1. Regional Hub Node (RHN)
2. Unit Hub Node (UHN)
3. Joint Network Node (JNN)
4. Battalion Command Post Node (BnCPN)

The UHN is a Division asset that provides connectivity to the Defense Information Systems Network (DISN) and the Global Information Grid (GIG). The UHN utilizes both FDMA and TDMA satellite connectivity. The UHN also serves as the master hub node for the TDMA mesh networks of the Brigades and their associated BnCPNs. The JNN is located at the Brigade element. It serves as both a distribution point for the various systems within the Brigade and provides direct network services for the Brigade headquarters elements. The JNN can utilize both TDMA and FDMA satellite connectivity and has a single FDMA link that is usually reserved for connectivity to the UHN. The BnCPN provides direct network access to users within a Battalion element. It utilizes only TDMA satellite connectivity. It has permanent links to the UHN and JNN and can establish on-demand connections to other CPNs within the Brigade.


The RHN is the largest of the four WIN-T Increment 1 and legacy JNN Hub Node types, and can provide the following capabilities:

• Provide primary hub node connectivity (FDMA and TDMA) and services for tactical users during reception, staging, onward movement, and integration (RSOI) operations.

• Provide TDMA management support enabling intra-theater Brigade-to-Brigade level routing and network services.

• Provide primary hub node connectivity and services to expeditionary units not deploying with a UHN.

• Provide support to Echelon Above Corps (EAC), such as Expeditionary Signal Battalion (ESB), or Echelon Corps and Below (ECB), which are task organized to support the entire entity.

• Provide a server sanctuary supporting the delivery of theater level services and a stable location for Division or Brigade units to host services for their tactical users.

• Provide WIN-T Inc 1 and Unit Hub Node connectivity and services for mounted battle command on the move (MBCOTM) users.

• Extend DISN services to the tactical user.

The RHN system is designed to support up to three fully equipped Division Enclaves and up to twelve Separate Enclaves (two physical Separate Enclaves with six virtual Separates per physical enclave), for joint operations through satellite connectivity to the other JNN Network systems: the UHN, the JNN, and the BnCPN. The RHN will support both Frequency Division Multiple Access (FDMA) and Time Division Multiple Access (TDMA) satellite links. Equipment is grouped into enclaves within the RHN facility as shown in Figure 1-2. Each Division or Separate enclave operates independently of the others. Tier 1 (T1) is a TNOSC-controlled TLA stack. Tier 2 (T2) Aggregate, Division, and Separate enclaves are controlled by RHN personnel. There is a clear line of demarcation between strategic and tactical.


The NIPR Aggregate Enclave within the RHN serves as the interface to the DISN cloud and includes the Network Management and Information Assurance servers. The Aggregate is in a dual stack configuration adding greater throughput while also providing redundancy to mitigate possible hardware failures. The Enclave interfaces the Defense Switched Network (DSN) telephone trunks and the NIPR network (Internet) feed to the three Division and 12 Virtual Separate Enclaves. The NIPR Enclave consists of:

• Exterior Switch (Cisco 3560E) – The exterior switch provides the Tier 1 NIPR entry point into the RHN.

• Perimeter Firewall (Cisco ASA 5520) – The perimeter firewall is used to filter packets from strategic NIPR and control access by internal users. It forms a boundary between the tactical and strategic networks. The ASA-5520 also provides IPS services using the Cisco AIP-SSM-10 module. For added redundancy in the dual stack configuration the ASA utilizes active failover and asymmetric routing.

• Interior Switch (Cisco 3560E) – The interior switch provides the switching fabric between the perimeter firewall and the Aggregate Tier 2 Router.

• Aggregate Tier 2 Router (Cisco ASR1004) – The Cisco ASR 1004 is a Cisco Aggregation Services Router utilizing the Cisco Quantum Flow Processor and modular Architecture. The ASR 1004 provides hardware based acceleration for RHN utilized technologies such as Netflow, QoS, IP Multicast, and Policy based Routing. The Tier 2 router provides routing between the DISN NIPR network and the Enclaves. The Tier 2 router provides load-balancing to the Aggregate dual stack configuration. An access control list applied to the NIPR feed interface provides the first layer of packet filtering into the NIPR Aggregate Enclave.

• Core Switch (Cisco 3560E) – The Core Switch physically connects the 2 Separates Enclaves and the NetOps Enclave to the Aggregate enclave.

• NIPR Voice Gateway Router (VGR) (Cisco 3845) – Interfaces the DSN analog voice network to the tactical Voice over Internet Protocol (VoIP) network through the Redcom Softswitch Switch. The NVGR router contains T1 interfaces for connectivity to the REDCOM HDX and DSP resources for CODEC transcoding and Media Termination Point (MTP) functionality.


• Redcom HDX Soft Switch – Interconnects RHN to DISN cloud for DSN access. The REDCOM HDX is discussed more in-depth in the Transmission Enclave section.

• Cisco Unified Call Manager (CUCM), (CISCO MCS-7835-I2-IPC2): The Aggregate CUCMs are deployed in a Publisher / Subscriber pair for redundancy and performance advantages. The Aggregate CUCM provides subscriber services to the Aggregate and Separate Enclaves' locally connected phones, and routing and call control for RHN calls destined to and originated from the DSN or the Separate Enclaves.

• Separate Anti-Virus Firewall (McAfee EWS, MSA-3300-SGAG Appliance): The gateway anti-virus firewall provides input and output packet filtering protection to the Separate Enclaves against SPAM, viruses and other exploits.

• Console Server (MRV LX-4032T-001ACF 16 port): A console server (not shown) provides access to NIPR device console ports from any NIPR RHN operator system.


The SIPR Aggregate Enclave within the RHN serves as the interface to the DISN cloud and includes Network Management and Information Assurance servers. The Enclave provides an interface between the DISN SIPR network and the three Division and 12 virtual Separate Enclaves. The SIPR Enclave consists of the following:

• Exterior Switch (Cisco 3560E) – The exterior switch provides the Tier 1 SIPR entry point into the RHN.

• Perimeter Firewall (Cisco ASA 5520) – The perimeter firewall is used to filter packets from strategic SIPR and control access by internal users. It forms a boundary between the tactical and strategic networks. The ASA-5520 also provides IPS services using the Cisco AIP-SSM-10 module. For added redundancy in the dual stack configuration the ASA utilizes active failover and asymmetric routing.

• Interior Switch (Cisco 3560E) – The interior switch provides the switching fabric between the perimeter firewall and the Aggregate Tier 2 Router.

• Aggregate Tier 2 Router (Cisco ASR1004) – The Cisco ASR 1004 is a Cisco Aggregation Services Router utilizing the Cisco Quantum Flow Processor and modular Architecture. The ASR 1004 provides hardware based acceleration for RHN utilized technologies such as Netflow, QoS, IP Multicast, and Policy based Routing. The Tier 2 router provides routing between the DISN SIPR network and the Enclaves. The Tier 2 router provides load-balancing to the Aggregate dual stack configuration. An access control list applied to the SIPR feed interface provides the first layer of packet filtering into the SIPR Aggregate Enclave.

• Core Switch (Cisco 3560E) – The Core Switch physically connects the 2 Separates Enclaves and the NetOps Enclave to the Aggregate enclave.

• SIPR Voice Gateway Router (VGR) (Cisco 3845) – The SVGR router provides DSP resources for CODEC transcoding and Media Termination Point (MTP) functionality.

• Cisco Unified Call Manager (CUCM), (CISCO MCS-7835-I2-IPC2): The Aggregate CUCMs are deployed in a Publisher / Subscriber pair for redundancy and performance advantages. The Aggregate CUCM provides subscriber services to the Aggregate and Separate Enclaves' locally connected phones, and routing and call control for RHN calls destined to and originated from the DSN or the Separate Enclaves.

• Separate Anti-Virus Firewall (McAfee EWS, MSA-3300-SGAG Appliance): The gateway anti-virus firewall provides input and output packet filtering protection to the Separate Enclaves against SPAM, viruses and other exploits.

• Console Server (MRV LX-4032T-001ACF 16 port): A console server (not shown) provides access to SIPR device console ports from any SIPR RHN operator system.


The NIPR Division Enclave serves as the distribution point to extend DISN services to the tactical user. These services are drawn through the NIPR Aggregate Enclave. The Division Enclave acts in a Tier 2 fashion and is considered part of the deployed Division's network architecture. There are three separate NIPR Division Enclaves contained within the RHN, and each one consists of the following equipment:

• Perimeter Router (Cisco 7201): The perimeter boundary router provides a routing boundary using BGP between the Division Enclave and the Aggregate Enclave as well as the other Enclaves.

• Division Perimeter Firewall (ASA5510-AIP10-K9): The perimeter firewall provides firewall, IPS, and Anti-virus protection for the Division Enclave from threats transiting the Aggregate Enclave.

• Division Anti-Virus Firewall (McAfee EWS on a CHS CISC Server): The gateway anti-virus firewall provides input and output packet filtering protection to the Division Enclave against SPAM, viruses and other exploits.

• NIPR Tier 2 3845 Router (CISCO3825-H-VSEC/K9): Provides default gateway and routing functions for remote JNNs, locally connected NIPR hosts and RHN components. It is part of the deployed Division’s Tier 2 NIPR routing architecture and is the point at which DISN NIPR services are provided to the Division. The NIPR Tier 2 Router also provides AES encryption for the TDMA network and DSP resources for VOIP traffic.

• Division Satellite Router (C3845-VSEC/K9): The Division satellite router provides 16 serial interfaces for FDMA connections to Tactical Users.

• Division Host Switch (Cisco WS-C3560E-48PD-E): The Division Host Switch provides access to the NIPR network for local Division Enclave users. This includes Ethernet ports for the Division Server stack, an IP phone, Cisco Call Manager, Network Manager, and a Terminal Server.


• Division Host LAN Firewall (ASA5510-AIP10-K9): The host LAN firewall provides firewall, IPS, Anti-virus protection to the Division Enclave users from threats transiting the Division Enclave or passing between distinct LANs.

• Cisco Unified Call Manager CUCM (Cisco MCS-7825-I4-IPC1): The Division CUCM provides subscriber services to the Division Enclave locally connected phones and also routing and call control for RHN calls destined to or originating from the Division Enclave.

• Citrix WanScaler (Defense Edition 100M4P): The WANscaler is placed inline between the ASA 5510 firewall and the Tier 2 routers on the NIPR network to provide WAN traffic acceleration.

• Control Laptop, (Dell Precision 6400): The Control Laptop (not shown) provides Command Line Interface (CLI) and KVM access to any NIPR devices. Each Division Enclave has a control Laptop.

• IP KVM Switch (Avocent DSR8030 16 port): The KVM Switch (not shown) allows the operator to access and control multiple NIPR computers from a single Keyboard, Mouse, and Monitor.

• Console Server (MRV LX-4032T 16 port): A console server (not shown) provides access to NIPR device console ports from any NIPR RHN operator system.


The SIPR Division Enclave serves as the distribution point to extend DISN services to the tactical user. These services are drawn through the SIPR Aggregate Enclave. The Division Enclave acts in a Tier 2 fashion and is considered part of the deployed Division's network architecture. There are three separate Division Enclaves contained within the RHN, and each one consists of the following equipment:

• Perimeter Router (Cisco 7201): The perimeter boundary router provides a routing boundary using BGP between the Division Enclave and the Aggregate Enclave as well as the other Enclaves.

• Division Perimeter Firewall (ASA5510-AIP10-K9): The perimeter firewall provides firewall, IPS, and Anti-virus protection for the Division Enclave from threats transiting the Aggregate Enclave.

• Division Anti-Virus Firewall (McAfee EWS on a CHS CISC Server): The gateway anti-virus firewall provides input and output packet filtering protection to the Division Enclave against SPAM, viruses and other exploits.

• NIPR Tier 2 3845 Router (CISCO3825-H-VSEC/K9): Provides default gateway and routing functions for remote JNNs, locally connected NIPR hosts and RHN components. It is part of the deployed Division’s Tier 2 NIPR routing architecture and is the point at which DISN NIPR services are provided to the Division. The NIPR Tier 2 Router also provides DSP resources for VOIP traffic.

• Division Host Switch (Cisco WS-C3560E-48PD-E): The Division Host Switch provides access to the NIPR network for local Division Enclave users. This includes Ethernet ports for the Division Server stack, an IP phone, Cisco Call Manager, Network Manager, and a Terminal Server.


• Division Host LAN Firewall (ASA5510-AIP10-K9): The host LAN firewall provides firewall, IPS, Anti-virus protection to the Division Enclave users from threats transiting the Division Enclave or passing between distinct LANs.

• Cisco Unified Call Manager CUCM (Cisco MCS-7825-I4-IPC1): The Division CUCM provides subscriber services to the Division Enclave locally connected phones and also routing and call control for RHN calls destined to or originating from the Division Enclave.

• Citrix WanScaler (Defense Edition 100M4P): The WANscaler is placed inline between the ASA 5510 firewall and the Tier 2 routers on the SIPR network to provide WAN traffic acceleration.

• Control Laptop (Dell Precision 6400): The Control Laptop (not shown) provides Command Line Interface (CLI) and KVM access to any NIPR devices. Each Division Enclave has a control Laptop.

• IP KVM Switch (Avocent DSR8030 16 port): The KVM Switch (not shown) allows the operator to access and control multiple NIPR computers from a single Keyboard, Mouse, and Monitor.

• Inline Network Encryptor (INE) (Taclane KG-175D): The TACLANE is used to encrypt/decrypt SIPR traffic between the NIPR Tier 2 3845 Router and the SIPR Tier 2 3650 switch. The SIPR traffic is tunneled through the NIPR Division Enclave for distribution through both the FDMA and the TDMA satellite networks.


The NIPR Separate Enclave serves as the distribution point for DISN services provided to a separately deployed Army Unit. These services are drawn through the NIPR Aggregate Enclave. The Separate Enclave acts in a Tier 2 fashion and is considered part of the deployed network architecture. There are two Separate Enclaves within the RHN, each of which provides six virtual Separate Enclaves using Virtual Routing and Forwarding (VRF). The physical Separate Enclave consists of the following equipment:

• Enclave Perimeter Switch (Cisco WS-C3560E-24PD-E): The Enclave Perimeter Switch provides redundant interfaces to the Aggregate Core switches.

• Perimeter Firewall (Cisco ASA5520-AIP20-K9): The perimeter firewall provides firewall, IPS, Anti-virus protection for the Separate Enclave from threats transiting the Aggregate Enclave for each VRF instance.

• Citrix WanScaler (Defense Edition 100M4P): Placed in-line between the ASA 5520 firewall and the Tier 2 routers on the NIPR network to provide WAN traffic acceleration.

• NIPR Tier 2 Router (Cisco ASR1004): The Tier 2 Router provides default gateway and routing functions for remote JNNs, locally connected NIPR hosts and RHN components. It is part of the deployed Separate's Tier 2 NIPR routing architecture and is the point at which DISN NIPR services are provided. It provides TRANSEC (AES Encryption) for the TDMA satellite traffic. Connectivity to the Separate's FDMA network is provided by 12 serial interfaces that are patched to the SATCOM Enclave.

• NIPR Tier 2 Switch (Cisco WS-C3560E-12PD-E): Provides access to the NIPR network for local Separate Enclave users such as a Terminal Server and the Network Manager server, connects to the SATCOM Enclave for TDMA access, and connects to the SIPR Separate Enclave through a TACLANE In-Line Encryptor.
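As an added illustration (not configuration from the course or from any RHN), the following IOS XE fragment sketches how the VRF-based virtual Separate Enclaves described above and the feed-interface access list described for the Aggregate Tier 2 router fit together on one Separate Enclave Tier 2 router. The hostname, VLAN number, prefixes and the static default route are constructed placeholders.

```cisco
! Added illustration, not RHN configuration. One physical Separate Enclave
! Tier 2 router (ASR1004 class) carrying one of its six VRF-based virtual
! Separate Enclaves; the remaining five repeat the same pattern with their
! own VLAN, prefixes and VRF name. All values below are constructed.
!
hostname SEP1-T2-EXAMPLE
!
! One VRF per virtual Separate Enclave: each tenant unit keeps its own
! routing table even though all six share this router and its uplink.
vrf definition SEP1-VRF1
 rd 65001:1
 address-family ipv4
 exit-address-family
!
! First filtering layer on the feed from the Aggregate side. Only the
! expected enclave prefix and echo replies are admitted; everything else
! is dropped and logged before it reaches the enclave perimeter firewall.
ip access-list extended SEP1-VRF1-FEED-IN
 remark constructed placeholder prefixes (RFC 5737 documentation ranges)
 permit ip 198.51.100.0 0.0.0.255 203.0.113.0 0.0.0.255
 permit icmp any 203.0.113.0 0.0.0.255 echo-reply
 deny   ip any any log
!
! Trunk toward the Aggregate Core switch; one 802.1Q subinterface per VRF
interface GigabitEthernet0/0/0
 description Uplink to Aggregate Core switch (trunk)
 no ip address
!
interface GigabitEthernet0/0/0.101
 description Feed for virtual Separate Enclave 1
 encapsulation dot1Q 101
 vrf forwarding SEP1-VRF1
 ip address 192.0.2.2 255.255.255.252
 ip access-group SEP1-VRF1-FEED-IN in
!
! Serial circuit patched to the SATCOM Enclave for the FDMA link to a
! remote JNN. It sits in the same VRF, so tactical traffic for this unit
! never crosses into another virtual Separate Enclave.
interface Serial0/1/0
 description FDMA circuit to remote JNN, virtual Separate Enclave 1
 vrf forwarding SEP1-VRF1
 ip address 203.0.113.1 255.255.255.252
!
! Assumed static default inside the VRF pointing back at the Aggregate
! Tier 2 router; the course does not state the Separate Enclave's routing
! protocol (the Division Perimeter Router uses BGP).
ip route vrf SEP1-VRF1 0.0.0.0 0.0.0.0 192.0.2.1
```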


The SIPR Separate Enclave serves as the distribution point for DISN services provided to a separately deployed Army Unit. These services are drawn through the SIPR Aggregate Enclave. The Separate Enclave acts in a Tier 2 fashion and is considered part of the deployed network architecture. There are two Separate Enclaves within the RHN with a total of 12 VRF based virtual separate enclaves and each one consists of the following equipment:

• Enclave Perimeter Switch (Cisco WS-C3560E-24PD-E): The Enclave Perimeter Switch provides redundant interfaces to the Aggregate Core switches.

• Perimeter Firewall (Cisco ASA5520-AIP20-K9): The perimeter firewall provides firewall, IPS, Anti-virus protection for the Separate Enclave from threats transiting the Aggregate Enclave for each VRF Enclave.

• Citrix WanScaler (Defense Edition 100M4P): Placed in-line between the ASA 5520 firewall and the Tier 2 routers on the SIPR network to provide WAN traffic acceleration.

• SIPR Tier 2 Router (Cisco ASR1004): The Tier 2 Router provides default gateway and routing functions for remote JNNs, locally connected SIPR hosts and RHN components. It is part of the deployed Separate's Tier 2 SIPR routing architecture and is the point at which DISN SIPR services are provided.

• SIPR Tier 2 Switch (Cisco WS-C3560E-12PD-E): Provides access to the SIPR network for local Separate Enclave users such as a Terminal Server and the Network Manager server. The Tier 2 switch connects to the users through the TACLANE In-Line Encryptor.

• Inline Network Encryptor (INE) (Taclane KG-175D): The TACLANE is used to encrypt/decrypt SIPR traffic between the NIPR Separate Enclave and the SIPR Separate Enclave. The Separate's SIPR traffic is tunneled through the NIPR Separate Enclave router for distribution through both the FDMA and the TDMA satellite networks.


The NetOps Enclave provides NetOps services to all Enclaves. There are separate NIPR and SIPR NetOps Enclaves. Each NetOps Enclave uses six hardware servers and virtualization to appear as up to 22 different NetOps Servers. In addition to the NetOps VM stack there are additional Network Appliances and Laptops providing additional functionality.

• NETOPS Switch (Six per Enclave, Cisco WS-C3750E-48PD-E): The NetOps switch is actually six separate switches in a stack configuration to achieve the look, feel, and function of a single switch. All NetOps devices connect to the NetOps Switch, and it in turn connects to the Aggregate Enclaves, from which traffic is carried to the individual Enclaves according to the VLAN structure.

• NETOPS VM Servers (Six Dell R710 Servers): The NetOps servers contain all images, the VMware ESX, and Virtual SAN (VSA) Software.

• Console Server (MRV LX-4032T-001ACF): The console server provides access to NIPR or SIPR device console ports.

• NETOPS Host Firewall (Cisco ASA5520-AIP20-K9): The host LAN firewall provides firewall, IPS, and Anti-virus protection to the NetOps Servers and Appliances from threats transiting the various Enclaves or passing between distinct LANs or VRF instances.

• IP KVM Switch (Avocent DSR8035-001 32 port): The KVM switch allows the operator to access and control multiple NIPR or SIPR computers from one set of Keyboard, Mouse, and Monitor.

• NETMRI Servers (Two): NetMRI servers evaluate the performance of VOIP calls going through NIPR or SIPR networks via a Cisco Call Manager server.

• Control Laptop (Dell Precision 6400): The Control Laptop (not shown) provides Command Line Interface (CLI) and KVM access to any NIPR devices.


• GEM-X GD Encryptor Manager Laptops (Two, SIPR only, on a Go Book XR-1 Platform): The GEM laptop manages the network of TACLANEs.

• CS-MARS Servers (Three: CS-MARS-GC2 and CS-MARS-110R): The CS-MARS server consolidates and correlates log information for all NIPR or SIPR devices (routers, switches, firewalls, IPS) local to the RHN.

• Inline Network Encryptor (INE) (Two SIPR Only, Taclane KG-175D): The NetOps TACLANE is used as the fronting TACLANE for the GEM-X application and to provide access for Domain NetOps personnel.


The primary purpose of the SATCOM Enclave is to provide patching circuits, COMSEC & TRANSEC encryption/decryption for serial circuits destined for the FDMA satellite modems, and Ethernet switching for the interfacing of IP traffic to the TDMA satellite modems. The Enclave consists of the following equipment:

• PT Patch Panel – The Plain Text (PT) patch panel allows unencrypted serial circuits originating in any of the enclaves to be redirected either to a KIV-7M to be sent directly to an FDMA, Fiber, or CDI modem or to a NX-1000 Multiplexer to be combined with other circuits prior to being encrypted.

• CT Red Patch Panel – The Cipher Text (CT) patch panel allows encrypted serial circuits originating in any of the enclaves to be redirected to an FDMA, Fiber, or CDI modem.

• KIV-7M (32) – A serial data encryption device used for encryption/decryption of Serial data to provide transmission security (TRANSEC) for the FDMA modems. There are 32 dual channel KIV-7Ms in the RHN for a total number of full duplex channels of 64. The KIV-7M provides compatibility to a variety of encryption devices using personalities. KG-194 is the personality utilized for TRANSEC.

• LinkWay Switch (4) – Provides the Ethernet interface to the TDMA satellite modems. This allows any of the RHN Tier 2 VPN routers access to any of the supported TDMA networks.

• Linkway S2 TDMA Modem – An IP-based TDMA modem that provides RF modulation and demodulation functions for IP traffic into the TDMA satellite network. The TDMA network controller (NCC) provides on-demand access for supported users to this network. There are 64 TDMA modems in the RHN that can be assigned (using VLAN allocation) as necessary to meet mission.

• DMD-2050 FDMA Modem – A serial based FDMA modem that provides radio modulation and demodulation functions for serial users into the FDMA satellite network. There are 64 FDMA modems in the RHN that can be patched as necessary to meet mission.

• Fiber/CDI Modems: There are 24 dual-channel CTM-100/P Canoga Perkins compatible fiber optic modems (for a total of 48 circuits) to allow the RHN to connect directly to a Unit Hub Node (UHN) via the Pedestal. There are four dual-channel CTM-100/C modems (providing 8 circuits) to allow connection of external transmission assets to the RHN. Those systems include the AN/TSC-167 (STT), AN/TSC-156 Phoenix Terminals, AN/TSC-85 (TACSAT), AN/TRC-170, or AN/TRC-190 HCLOS.

• Fiber Optic Patch Panel: The Fiber Optic Patch Panel allows the Fiber/CDI modem output to be connected to a specific physical port location on the pedestal.

• Timing Source: The RHN uses a Cesium Beam timing standard, distributed through a Symmetricon 65000 Timing Distribution System, to time the FDMA modems, the Fiber/CDI modems, the Promina NX-1000 Multiplexers and the REDCOM PBX, and also to extend timing to the pedestal.

• Pedestal: The pedestal is a physical assembly designed to attach external systems to the RHN.

Earth Station is a term used to describe the combination of antenna, low-noise amplifier (LNA), down-converter, and modems used to transmit and receive a signal by satellite. A typical earth station is made up of the Outdoor Unit (ODU) and Indoor Unit (IDU).

The ODU consists of the following:

• Antenna - A device for transmitting and receiving radio waves, in this case a dish designed to focus the waves to and from the satellite. The antenna also contains the feed horn, which is located at the focal point of the parabolic reflector. It radiates RF energy toward the antenna reflector and collects received RF energy from the antenna reflector.

• High Power Amplifier (HPA) - A device that amplifies a specific band of frequencies by a large amount. It is sufficiently large to enable the antenna to beam them up to the satellite.

• Block Up-Converter (BUC) – An Earth station transmitter combining signal up-conversion and power amplification in a single unit. It is located directly at the antenna input, or close to it.

• Low Noise Block Down-converter (LNB) - A device that processes weak satellite signals directed by an antenna reflector into a feed horn, while introducing as little electrical noise as possible in the process. It consists of a microwave detector followed by a high gain, low noise microwave amplifier and a frequency converter, which down converts a block of frequencies (group of satellite signals) to a lower intermediate frequency range (typically 950 to 2150 MHz).

The IDU consists of the following:

• Modem

• Baseband Equipment

Fiber connects the IDU to the ODU using an L-band to fiber optic converter. The satellite modem (IDU) on the transmit side of the system superimposes data traffic onto a modulated IF signal sent to the ODU for transmission to the satellite. On the receive side of the system, the modem recovers the original signal, demodulates the carrier signal, and routes the intelligence to baseband equipment via an Ethernet, coaxial, or fiber optic cable connection.

Frequency-Division Multiple Access (FDMA) is a type of satellite access technique used in satellite communications. Earth stations transmit simultaneously on different pre-assigned frequencies into a common satellite transponder. FDMA divides a satellite communications channel among users, each of whom is given a portion of the available channel bandwidth for their permanent use. The carrier is transmitted on a single frequency with all users multiplexed within the superimposed carrier signal. Co-channel interference between carriers is minimized by spacing the carriers in frequency so that their spectra do not overlap. FDMA is characterized by the following:

• Users transmit on one carrier frequency and receive on another.

• 2 carriers per full duplex link (point to point).

• Scales poorly - inefficient use of space segment.

• Does not support ad hoc networking.

• Dedicated bandwidth, not shared.

• No delay for link connection.

Time-Division Multiple Access (TDMA) is a digital transmission technology that allows a number of users to access a single radio frequency (RF) channel without interference by dynamic allocation of time slots based on user requirements. It allows multiple carriers on the satellite within the TDMA network, which forms a bandwidth pool for the users. A network control system is required to manage the bandwidth. This mechanism for sharing a channel allows for a number of satellite users to have access to the whole channel bandwidth for a small period of time (a time slot). TDMA is characterized by the following:

• Users share carrier(s) for both transmit and receive.

• Additional carriers can be defined to support network growth.

• Scales well – efficient use of valuable space resource.

• Supports ad hoc networking well.

• Bandwidth is a shared resource, not dedicated.

• Slight delay in establishing link connection.

The FDMA network can be configured in one of two different ways, depending upon the version of JNN that will be communicating with the RHN. Both methods encrypt SIPR traffic with a TACLANE and then pass the resulting packet into the NIPR network. In the newest, "normal through", method, NIPR packets are routed through a serial interface and then encrypted for transmission by a KIV-7M in KG-194 mode. The encrypted traffic is then modulated by the Radyne 2050 modem before being sent to the satellite ground station for transmission. In the Lot 7, "patched", method, NIPR packets are routed through a serial interface and then multiplexed with the voice traffic coming from the REDCOM. The multiplexer aggregate traffic is then encrypted for transmission by a KIV-7M in KG-194 mode. The encrypted traffic is then modulated by the Radyne 2050 modem before being sent to the satellite ground station for transmission.

Satellite links can operate in different frequency bands and use separate carrier frequencies for the uplink and downlink. The use of C band was most common in first-generation satellite systems. However, this band is already crowded, since terrestrial microwave links also use these frequencies. The frequency and power output of a satellite signal determine the size of the earth station antenna. When the frequency increases, the wavelength decreases. As wavelength increases, larger antennas are necessary to gather the signal. There are a number of radio frequency ranges in use in satellite communications, such as the C, Ku, and Ka bands. C and Ku are the most common frequencies for fixed satellite services such as video, data, and voice. The current trend is towards the higher frequencies of the Ku and Ka bands. The Regional Hub Node uses the Ku and Ka bands. Earth station antennas are typically grouped into the following sizes depending on operational frequency range:

• C band, 7.5 to 12 feet (2 to 3.5 m).

• Ku band, 3.2 to 13.7 feet (1.0 m to 4.2 m).

• Ka band, 2.1 to 2.4 feet (0.66 m to 0.75 m).

To prevent interference caused by multiple sites transmitting on the same frequencies, governmental regulations control the usage.

C-Band

• Introduced in the 1970s, creating data limitations in throughput because of its age.

• Occupies the 4-6 GHz frequency band, which has fewer and fewer uses due to the higher data rates that are now required.

• The C band shares frequencies with terrestrial microwave, which are used for point-to-point communications.

• Typically provides national domestic, regional, or even global coverage; as time goes on there is less use in the C band arena.

• Characterized by higher-availability links that are less susceptible to rain fade, due to the wavelength of the frequency produced.

• Lower cost per MHz when compared to other frequency bands, which stands to reason given its age in communications.

• Larger antennas required when compared to other frequency bands, due to the wavelength.

Ku-Band

• Introduced in the 1980s.

• 10.5 – 14.5 GHz frequency band.

• Dedicated to satellite communications only, and therefore no frequency coordination is required with terrestrial stations.

• Provides domestic and international coverage.

• Smaller earth stations manufactured at higher volumes bring lower cost.

• Affected by rain to a limited degree, causing lower link availability when compared to C band.

Ka-Band

• Introduced in the late 1990s.

• 19-29 GHz frequency band.

• Part of the band is dedicated to satellite use only, and therefore no frequency coordination is required with terrestrial stations.

• Provides domestic and international coverage.

• Affected by rain to a greater degree than Ku band.

FSS – Fixed Satellite System (Ex: Army Communications)

BSS – Broadcast Satellite Systems (Ex: Direct TV)

MSS – Mobile Satellite Systems (Ex: Iridium)

The primary purpose of the Transmission Enclave is to provide multiplexing of NIPR serial circuits and voice circuits for transport through the FDMA satellite network, and Ethernet switching for interfacing IP traffic to the TDMA satellite modems. There are three Promina NX-1000 multiplexers in the RHN. The PT and CT patch panels are located in the SATCOM Enclave. The REDCOM Softswitch or PBX is also in the Transmission Enclave and provides dedicated voice support. The Enclave consists of the following equipment:

• Promina NX-1000: A high-speed multiplexer which integrates data, voice, and video while effectively managing network bandwidth. Each NX-1000 has 8 serial line circuit interfaces (4 HSD, 4 URD (2 dedicated to timing)), 4 voice T1 circuits, and 2 trunk circuit interfaces. The NX-1000 trunk circuits can be patched to any FDMA, Fiber, or CDI modem in the SATCOM Enclave.

• KIV-7M: A serial data encryption device used for encryption/decryption of Promina aggregate data for transmission security (TRANSEC).

• PBX (REDCOM HDX): Interconnects the RHN to the DISN cloud for DSN access. It has 16 T1 and 16 loop connections that can be patched via the T1 and loop patch panels, respectively.

• T1 Patch Panel: The T1 patch panel allows the 16 T1s from the REDCOM to be allocated as necessary. There are 12 connections to media converters to extend T1 connections to the pedestal; 8 connections to the local Signal Entry Panel (SEP) for connection to DSN or the Corps or regional TLA; 8 connections to the NIPR Aggregate (4 to each NVGR); and 4 connections to each of the NX-1000 multiplexers.

• Loop Patch Panel: The loop patch panel provides connections for analog phones.

RHN Division Signal Flow

In an operational network, packets originated by a unit will arrive at either the FDMA or the TDMA modem. From the TDMA modem the packet will then traverse the Linkway Switch into the Division Enclave's Tier 2 Switch. The Tier 2 Switch then routes the packet into the Host Firewall, which returns it to the Tier 2 Switch. From the Tier 2 Switch the packet proceeds to the Tier 2 Router. From the FDMA modem the packet travels through the CT Patch Panel to the KIV-7M and is decrypted. The decrypted packet is then sent through the PT Patch Panel to the SAT Router. The SAT Router transfers the packet to the Tier 2 Router. The packet is then sent to the Aggregate; on its way the contents are checked for viruses, the firewall inspects it and allows or denies it based on the firewall policies, and it passes through the Division Tier 1 Router, then to the Division Switch, and then to the Aggregate Tier 2 Router. From the Aggregate Tier 2 Router, the packet will flow through the Aggregate Interior Switch, to the Aggregate Perimeter Firewall, through the Exterior Switch to the Tier 1 Enclave, which will route it to the Internet.

RHN Separates Signal Flow

In an operational network, packets originated by a unit will arrive at either the FDMA or the TDMA modem. From the TDMA modem the packet will then traverse the Linkway Switch into the Separates Enclave's Tier 2 Switch. From the Tier 2 Switch the packet proceeds to the Tier 2 Router. From the FDMA modem the packet travels through the CT Patch Panel to the KIV-7M and is decrypted. The decrypted packet is then sent through the PT Patch Panel to the Separates Tier 2 Router. The Separates packet is now routed according to its specific VRF routing table. The packet is forwarded through the Separates Perimeter Firewall to the Separates Switch. From the Separates Switch the packet traverses the Aggregate Core Switch and then the Aggregate Tier 2 Router. The Aggregate Tier 2 Router will pass it through the Anti-Virus Firewall to check the packet for application layer vulnerabilities. From the Aggregate Tier 2 Router, the packet will then flow through the Aggregate Interior Switch, to the Aggregate Perimeter Firewall, through the Exterior Switch to the Tier 1 Enclave, which will route it to the Internet.

Internetworking Concepts

Cisco Networking Model

[Figure: the three layers of the Cisco networking model, Core, Distribution, and Access, with Cisco switches and Cisco routers placed at the layers.]

The Cisco networking model consists of three layers:

1. Access Layer: Where end users connect to the network. Multiple groups of users and their resources exist at the Access Layer.

2. Distribution Layer: Provides the functions of routing, filtering, and WAN access. This class focuses on the Distribution Layer and how it functions in the Army tactical communications arena.

3. Core: Moves data as fast as possible. Normally consists of high-speed switches and routers. In the tactical world, the Core Layer is referred to as SIPRNET and NIPRNET.

• SIPRNET: Secure Internet

• NIPRNET: Non-secure Internet

Tactical Networking Model

[Figure: Core, Distribution, and Access layers of the tactical networking model, with the Brigade shown at the Access layer.]

As mentioned in the previous slide, the distribution layer will be the primary focus of this class. The Access Layer services will be provided by the various units requiring data support. The Core Layer is normally provided by the DOIM or step sites. The Distribution Layer focuses on:

• Aggregation point for access layer devices (hosts, servers, and VTC equipment).

• Routing traffic to provide unit and organizational access between end users as well as internet connectivity.

• Providing translation between different media types such as Ethernet and Serial.

• Providing filtering services and limited security.

• Segmenting the network into multiple collision and broadcast domains.

The Concept of Networking

At its most elementary level, a network consists of two computers connected to each other by a cable so that they can share data. All networking, no matter how sophisticated, stems from that simple principle.

Everything we cover throughout the class is about providing connectivity from one computer to another. It may be email, a web page, or some other service. In each case, we are connecting one computer to another.

Understanding the Data (1)

Data tends to exist as rather large files. However, networks cannot operate if computers put large amounts of data on the cable at one time. There are two reasons why this slows down the network:

1. Large amounts of data sent as one large unit tie up the network and make timely interaction and communications impossible, because one computer is flooding the cable with data.

2. Networks reformat large chunks of data into smaller packages. If there is a transmission error, only a small section of data is affected, so only a small amount of data must be resent, making it relatively easy to recover from the error.

In order for many users at once to transmit data quickly and easily across the network, the data must be broken into small, manageable chunks. These chunks are called packets or frames.

Understanding the Data (2)

Packets may contain several types of data including:

• Messages and files

• Flow control information

• Source and destination addressing

• Error detection

• Packet reassembly tags

Packets are the basic units of network communications. With data divided into packets, individual transmissions are speeded up so that every computer on the network will have more opportunities to transmit and receive data. At the target (receiving) computer, the packets are collected and reassembled in the proper order to form the original data. All packets have certain components in common. These include:

• A source address identifying the sending computer.

• The data that is intended for transmission.

• A destination address identifying the recipient.

• Instructions that tell network components how to pass the data along.

• Information that tells the receiving computer how to connect the packet to other packets in order to reassemble the complete data package.

• Error checking information to ensure that the data arrives intact.

Basic Packet Design

[Figure: basic packet layout in three parts. HEADER: an alert signal to indicate that the packet is being transmitted, the source and destination address, and clock information to synchronize transmission. DATA: the actual data being sent; this part of the packet can be of various sizes depending on the network, typically from 512 bytes to 4k. TRAILER: usually contains an error checking component called a cyclical redundancy check (CRC), a number produced by a mathematical calculation on the packet at its source.]

The Header includes:

• An alert signal to indicate that the packet is being transmitted.

• The source address.

• The destination address.

• Clock information to synchronize transmission.

Data - This is the actual data being sent. This part of the packet can be various sizes, depending on the network. The data section in most packets varies from 512 bytes to 4k. Because most original data strings are much longer than 4k, data must be broken into chunks small enough to be put into packets. It takes many packets to complete the transmission of a large file.

Trailer - The exact content of the trailer varies depending on the communication method or protocol. However, the trailer usually contains an error-checking component called a cyclical redundancy check (CRC). The CRC is a number produced by a mathematical calculation on the packet at its source. When the packet arrives at its destination, the calculation is redone. If the results are the same, it indicates that the data in the packet has remained stable. If the calculation at the destination differs from the calculation at the source, it means the data has changed during the transmission. In that case, the damaged packet is discarded and the CRC routine signals the source computer to retransmit the data.

Basic Packet Flow

[Figure: computers A through F on one wire. Computer A creates a packet destined for computer F; all computers examine the header; computer F processes the packet.]

As shown above, computer A prepares a packet to be sent on the wire. As the packet travels on the wire, every other computer will look at the header to determine if the packet is destined for it. Each computer looks in the header of the packet for its own unique MAC address (discussed in further detail later in the chapter). Only the computer with the correct address will accept the packet -- in this case, computer F. The router will also check the header of the packet to see if the address matches its own address. As with the computers, if the packet is not destined for the router, it will discard the packet.

The OSI Model (1)

[Figure: the seven OSI layers, numbered 7 to 1: Application Layer (7), Presentation Layer (6), Session Layer (5), Transport Layer (4), Network Layer (3), Data Link Layer (2), Physical Layer (1).]

The OSI (Open Systems Interconnection) model uses a layered architecture to standardize the levels of service and the interaction types for networked computers.

In 1978, the International Standards Organization (ISO) released a set of specifications that described network architecture for connecting dissimilar devices. In 1984, the ISO released a revision of this model and called it the Open Systems Interconnection (OSI) reference model.

Why OSI Was Developed

The OSI model was developed to provide a consistent method for transmitting and receiving data through the network. All devices supporting the universal protocol would communicate by using a well-defined and well-understood process. Vendors design network products based on the specifications of the OSI model. It provides a description of how network hardware and software work together in a layered fashion to make communications possible. It also helps with troubleshooting by providing a frame of reference that describes how components should function and interact with each other.

The OSI Model (2)

[Figure: the seven OSI layers split into two groups. Application Layers: Application, Presentation, Session. Data Flow Layers: Transport, Network, Data Link, Physical.]

Upper Layers - The three upper layers of the OSI reference model are often referred to as the Application Layers. These layers deal with the user interface, data formatting, and application access.

Lower Layers - The four lower layers of the OSI model are responsible for defining how data is transferred across a physical wire, through internetworking devices, to the desired end station or host.

We will briefly discuss the upper layers, but the remainder of this chapter will focus on the lower layers and how they interact in the Army tactical data network.

The OSI Model Upper Layers

[Figure: the upper layers with examples. Application Layer: user interface (application interface); examples TELNET, HTTP, SMTP. Presentation Layer: how data is presented, and special processing such as encryption and compression; examples ASCII, JPEG, GIF. Session Layer: establishing, managing, and terminating communication sessions (application access scheduling).]

Application Layer - This is the highest layer of the OSI model. It is the point where the user or application interfaces with the protocols to gain access to the network. For example, a word processor is serviced by file transfer services, Microsoft Explorer is serviced by http and www, and Microsoft Outlook is serviced by SMTP.

Presentation Layer - The presentation layer provides a variety of coding and conversion functions that are applied to the application layer data. These functions ensure that data sent from the application layer of one system can be read by the application layer of another system. An example is the jpeg and gif formats of images displayed on web pages. This formatting ensures that all web browsers, regardless of operating system, can display the images.

Session Layer - The session layer is responsible for establishing, managing, and terminating communication sessions between presentation layer entities. Communications at this layer consist of service requests and responses that occur between applications located in different devices. An example of coordination would be between a database server and a database client.

The OSI Model Lower Layers

[Figure: the lower layers with their functions and examples.]

Transport Layer: reliable or unreliable delivery; error correction before retransmit. Examples: TCP, UDP, SPX.

Network Layer: provides logical addressing, which routers use for path determination. Examples: IP, IPX.

Data Link Layer: combines bits into bytes and bytes into frames; access to media using MAC address; error detection, not correction. Examples: 802.3/802.2, HDLC, PPP.

Physical Layer: moves bits between devices; specifies voltage, wire speed, and pin-out of cables. Examples: EIA/TIA-232, V.35, RS-442.

It is the responsibility of the protocol stack to provide communications between the network devices. A protocol stack is the set of rules that define how information travels across the network. An example of this would be TCP/IP. The OSI reference model provides the basic framework common to most protocol stacks. Each layer of the model allows data to pass across the network. These layers exchange information to provide communications between the network devices. The layers communicate with one another using protocol data units (PDUs). These PDUs control what information is added to the user data. PDUs are covered in more detail on the next page.

Encapsulation

As the transmitted user data travels down the OSI stack, bits are added to the header or trailer by each layer. This is encapsulation.

[Figure: the PDU at each layer going down the stack. Application, Presentation, Session: Upper Layer Data. Transport (Segment): TCP header + Upper Layer Data. Network (Packet): IP header + TCP header + Upper Layer Data. Data Link (Frame): LLC/MAC header + IP header + TCP header + Upper Layer Data + FCS/CRC trailer. Physical (Bits): the frame as a string of binary 1s and 0s.]

Received data travels up the OSI stack. Header and trailer bits are stripped off as they are examined at each layer. Finally, only the user data remains. This process is called decapsulation, also called de-encapsulation.

Because a PDU includes different information as it goes up or down the layers, it is given a name according to the information it is carrying. Information added at the transport layer is called the TCP header; it is then referred to as a segment. When passed down to the network layer, an IP header is placed on the PDU, which is then referred to as a packet. The data link layer actually has two sub layers: the logical link control layer (LLC) and the media access layer (MAC). When this data is added, it is referred to as a frame. The complete product is referred to as bits after the frame has been formatted into electrical signals at the correct voltage levels representing binary highs and lows on the physical media. This method of passing data down the stack and adding header information is called encapsulation. After the data travels across the network and is received at the destination machine, the process is reversed and is called decapsulation.

The concept of encapsulation is relatively simple. Pretend that you were sending a package through the post office. The first thing you would do is decide what you are sending (Upper Layer information). Then you would wrap the package for shipment. If you send it priority mail (TCP/UDP), you would add that label. You might even add a note for the receiving end to call when the package is delivered (TCP). You would then address the package -- the portion of the address containing the city, state, and zip code is the IP (or network) address, while the remaining address references the local street address for the destination (LLC and MAC). You might then place special tape to verify if the package has been tampered with (FCS/CRC), and if the package had been tampered with or altered in some way, the recipient could refuse to accept the package. Frame Check Sequence (FCS) and Cyclical Redundancy Check (CRC) are two different methods for error checking and detection. We will not go into great detail about either. The key point to remember is that they both provide an error detection algorithm to test the integrity of the packet received. Do not confuse this with error recovery. Error recovery is performed at the transport layer and is covered in further detail later in this chapter.
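The encapsulation and trailer-check process described here and on the previous page (a header added per layer going down, the FCS/CRC checked and stripped going up, and a damaged frame discarded rather than passed up), as an added example that is not part of the course material: the TCP, IP and LLC/MAC header layouts are simplified stand-ins, the addresses and the HTTP request are constructed sample values, and CRC-32 (the polynomial Ethernet uses for its FCS) stands in for the trailer check.

```python
"""Encapsulation down the stack, decapsulation back up, and FCS/CRC checking.

Constructed teaching example (not code from the course or any product).
Header layouts are simplified stand-ins for the TCP, IP and LLC/MAC headers
named on the slide; the trailer is a real CRC-32, the same polynomial the
Ethernet FCS uses, so a corrupted frame is detected and discarded.
"""
import struct
import zlib
from typing import Optional

# Simplified header layouts (assumption: real headers carry more fields).
TCP_FMT = "!HH"        # source port, destination port
IP_FMT = "!4s4s"       # source IPv4, destination IPv4 (packed bytes)
MAC_FMT = "!6s6sH"     # destination MAC, source MAC, EtherType
ETHERTYPE_IPV4 = 0x0800
FCS_LEN = 4

SAMPLE_DATA = b"GET / HTTP/1.0\r\n"   # constructed upper-layer data


def ip_to_bytes(addr: str) -> bytes:
    return bytes(int(octet) for octet in addr.split("."))


def mac_to_bytes(addr: str) -> bytes:
    return bytes.fromhex(addr.replace(":", ""))


def encapsulate(data: bytes, sport: int, dport: int, src_ip: str, dst_ip: str,
                src_mac: str, dst_mac: str) -> dict:
    """Wrap upper-layer data with one header per layer and an FCS trailer.

    Returns every PDU named on the slide so the growth is visible:
    segment (transport), packet (network), frame (data link), bits (physical).
    """
    segment = struct.pack(TCP_FMT, sport, dport) + data
    packet = struct.pack(IP_FMT, ip_to_bytes(src_ip), ip_to_bytes(dst_ip)) + segment
    body = struct.pack(MAC_FMT, mac_to_bytes(dst_mac), mac_to_bytes(src_mac),
                       ETHERTYPE_IPV4) + packet
    # FCS/CRC: computed over the whole frame at the source, appended as trailer.
    fcs = zlib.crc32(body) & 0xFFFFFFFF
    frame = body + struct.pack("<I", fcs)   # Ethernet stores the FCS little-endian
    bits = "".join(f"{byte:08b}" for byte in frame)
    return {"segment": segment, "packet": packet, "frame": frame, "bits": bits}


def decapsulate(bits: str) -> Optional[dict]:
    """Strip headers going back up the stack; return None when the CRC fails.

    None is the 'discard and ask for retransmission' case from the text:
    the receiver never hands corrupted data to the upper layers.
    """
    frame = int(bits, 2).to_bytes(len(bits) // 8, "big")
    body, trailer = frame[:-FCS_LEN], frame[-FCS_LEN:]
    if (zlib.crc32(body) & 0xFFFFFFFF) != struct.unpack("<I", trailer)[0]:
        return None  # CRC mismatch: data changed in transit, drop the frame
    mac_len = struct.calcsize(MAC_FMT)
    dst_mac, src_mac, ethertype = struct.unpack(MAC_FMT, body[:mac_len])
    packet = body[mac_len:]
    ip_len = struct.calcsize(IP_FMT)
    src_ip, dst_ip = struct.unpack(IP_FMT, packet[:ip_len])
    segment = packet[ip_len:]
    tcp_len = struct.calcsize(TCP_FMT)
    sport, dport = struct.unpack(TCP_FMT, segment[:tcp_len])
    return {
        "dst_mac": dst_mac.hex(":"), "src_mac": src_mac.hex(":"),
        "ethertype": ethertype,
        "src_ip": ".".join(str(b) for b in src_ip),
        "dst_ip": ".".join(str(b) for b in dst_ip),
        "sport": sport, "dport": dport, "data": segment[tcp_len:],
    }


def flip_bit(bits: str, index: int) -> str:
    """Simulate a transmission error by inverting one bit on the wire."""
    flipped = "1" if bits[index] == "0" else "0"
    return bits[:index] + flipped + bits[index + 1:]


def sample_frame() -> dict:
    """Encapsulate the constructed request with constructed (hypothetical) addresses."""
    return encapsulate(SAMPLE_DATA, 1027, 80, "10.0.0.5", "10.0.0.80",
                       "00:11:22:33:44:55", "66:77:88:99:aa:bb")


if __name__ == "__main__":
    pdus = sample_frame()
    for name in ("segment", "packet", "frame"):
        print(f"{name:8s} {len(pdus[name])} bytes")
    print("clean frame   ->", decapsulate(pdus["bits"])["data"])
    print("corrupt frame ->", decapsulate(flip_bit(pdus["bits"], 200)))
```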

Transport Layer

[Figure: the Transport Layer (layer 4) shown above the Network, Data Link, and Physical layers.]

In order to connect two devices in the fabric of the network, a connection or session must be established. The transport layer defines the end-to-end station establishment guidelines.

TCP: connection-oriented, trusted, reliable.

UDP: connectionless, un-trusted, unreliable.

The transport layer provides the following functions:

• Allows end stations to assemble and disassemble multiple upper-layer segments into the same transport layer data stream. This is accomplished by assigning upper-layer application identifiers. Within the TCP/IP protocol suite (discussed a little later in this chapter), these identifiers are known as port numbers. The OSI reference model refers to these as Service Access Points (SAPs). The transport layer uses these port numbers to identify application layer entities such as FTP and Telnet.

• Allows applications to request reliable data transport between communicating end systems, which accomplishes the following:

1. Ensure that segments delivered will be acknowledged back to the sender.

2. Provide for retransmission of any segments that are not acknowledged.

3. Put segments back into their correct sequence order at the receiving end.

4. Provide congestion avoidance and control.


TCP Header and UDP Header

TCP header (field, size):

Source Port             2 bytes
Destination Port        2 bytes
Sequence Number         4 bytes
Acknowledgement Number  4 bytes
Data Offset             4 bits
Reserved                6 bits
Flags                   6 bits
Window Size             2 bytes
Checksum                2 bytes
Urgent Pointer          2 bytes
Options                 variable (shown as 3 bytes on the slide)
Padding                 to a 32-bit boundary (shown as 1 byte on the slide)

UDP header (field, size):

Source Port             2 bytes
Destination Port        2 bytes
Length                  2 bytes
Checksum                2 bytes

TCP provides reliable data transfer, which is also referred to as trusted and/or connection-oriented. This is accomplished by using the Sequence and Acknowledgement fields in the TCP header. It also uses the Window Size field, by which the receiver tells the sender how many bytes it may send before an acknowledgement must be returned; the window is measured in bytes, not packets. UDP is referred to as unreliable, un-trusted, and/or connectionless. As you can see in the header above, a UDP datagram carries little more than the source and destination ports, a length and a checksum: there are no sequence numbers, no acknowledgements and no handshake, so a single datagram can be sent with a forged source address and the receiver has no way to tell. TCP's handshake and sequence numbers make that kind of spoofing much harder, which is why address spoofing and reflection abuse are far easier against UDP services than against TCP ones.
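The header layouts above, as an added worked example that is not part of the course text: a Python script that decodes the TCP and UDP headers field by field and checks their checksums, which is the check a capture tool performs on every segment. The sample segments are constructed here with the slide's port and sequence numbers; the IP addresses 148.43.200.16 and 148.43.200.1 are assumptions, needed because the transport checksum also covers them.

```python
"""Decode TCP and UDP headers and verify their checksums.

Added example, not part of the course text. The segments are constructed
test data reusing the slide's values (SEQ=100, SPORT=1027, DPORT=80); the
IP addresses are assumed (the checksum needs them).
"""
import struct

TCP_FLAG_BITS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]   # bits 0..5 of the flags field
SRC_IP = bytes([148, 43, 200, 16])                         # constructed, from the course's example address
DST_IP = bytes([148, 43, 200, 1])                          # constructed


def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words; an odd trailing byte is zero-padded."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def transport_checksum(src_ip: bytes, dst_ip: bytes, proto: int, segment: bytes) -> int:
    """TCP (6) and UDP (17) checksums also cover an IPv4 pseudo-header."""
    pseudo = src_ip + dst_ip + struct.pack("!BBH", 0, proto, len(segment))
    return inet_checksum(pseudo + segment)


def parse_tcp(segment: bytes) -> dict:
    """Fixed 20-byte header: ports 2+2, SEQ 4, ACK 4, offset/reserved/flags 2, window 2, checksum 2, urgent 2."""
    sport, dport, seq, ack, off_flags, window, csum, urg = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4            # data offset is counted in 32-bit words
    flags = [name for bit, name in enumerate(TCP_FLAG_BITS) if off_flags >> bit & 1]
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "header_len": header_len,
            "flags": flags, "window": window, "checksum": csum, "urgent": urg,
            "options": segment[20:header_len], "payload": segment[header_len:]}


def parse_udp(datagram: bytes) -> dict:
    """UDP header: source port, destination port, length, checksum (2 bytes each)."""
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    return {"sport": sport, "dport": dport, "length": length, "checksum": csum,
            "payload": datagram[8:length]}


def checksum_ok(src_ip: bytes, dst_ip: bytes, proto: int, segment: bytes) -> bool:
    """Summing a segment that already carries a correct checksum yields 0. For IPv4 UDP a
    checksum field of 0 means 'not computed' and must be accepted; TCP has no such escape."""
    if proto == 17 and segment[6:8] == b"\x00\x00":
        return True
    return transport_checksum(src_ip, dst_ip, proto, segment) == 0


def make_tcp_syn(sport=1027, dport=80, seq=100, window=8192) -> bytes:
    """Constructed sample: the slide's SYN with a correctly computed checksum."""
    off_flags = (5 << 12) | 0x02                  # 5 words = 20-byte header, SYN bit set
    hdr = struct.pack("!HHIIHHHH", sport, dport, seq, 0, off_flags, window, 0, 0)
    csum = transport_checksum(SRC_IP, DST_IP, 6, hdr)
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:]


def make_udp(sport=1027, dport=53, payload=b"query", with_checksum=True) -> bytes:
    """Constructed sample UDP datagram to the DNS port, optionally with the checksum left at 0."""
    hdr = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    if not with_checksum:
        return hdr + payload
    csum = transport_checksum(SRC_IP, DST_IP, 17, hdr + payload) or 0xFFFF   # 0 is reserved for 'none'
    return hdr[:6] + struct.pack("!H", csum) + payload


if __name__ == "__main__":
    syn = make_tcp_syn()
    print(parse_tcp(syn), checksum_ok(SRC_IP, DST_IP, 6, syn))
    dgram = make_udp()
    print(parse_udp(dgram), checksum_ok(SRC_IP, DST_IP, 17, dgram))
```

The flags list comes out in bit order, and a single flipped bit anywhere in the segment makes checksum_ok return False; note that a zero UDP checksum is legal in IPv4 and has to be accepted, so a receiver cannot rely on it to detect corruption at all.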


TCP Connection (3 Step Start Up)

Host -> Server:  SYN       SEQ=100               SPORT=1027  DPORT=80
Server -> Host:  SYN ACK   SEQ=1000  ACK=101     SPORT=80    DPORT=1027
Host -> Server:  ACK       SEQ=101   ACK=1001    SPORT=1027  DPORT=80

Step 1. The host computer requests a TCP connection to the server. SEQ=100 is the host's initial sequence number (ISN): the number of the first byte it will send, not a byte count. The SYN flag in the flag field of the TCP header indicates a request for a connection, and the SYN itself occupies one sequence number. DPORT=80 is the destination port, which tells the server what type of service is being requested; in this example it is an HTTP connection. SPORT=1027 is the port the host chose for its own side of the connection.

Step 2. The server responds with its own ISN, SEQ=1000, and ACK=101. The acknowledgement number is always the next byte the receiver expects, so ACK=101 says "I received your SYN at 100; send me byte 101 next". The SYN flag asks the host to synchronize on the server's sequence numbers, and the ACK flag means the acknowledgement field in this header is valid.

Step 3. The host replies with SEQ=101 (its next byte) and ACK=1001, acknowledging the server's SYN at 1000. The ACK flag is set and the SYN flag is not. Now that both sides know each other's sequence numbers, the computers can begin communicating; the ensuing exchange may be a simple request to open a web page.

Both ISNs must be unpredictable. If an attacker can guess the server's ISN, it can complete step 3 without ever seeing the server's reply, and so open a connection from a forged source address or inject data into an existing one.


TCP Moving Data (Simple)

Simple data transfer with an ACK of 4000:

Server -> Host:  1000 bytes of data, Sequence=1000
Server -> Host:  1000 bytes of data, Sequence=2000
Server -> Host:  1000 bytes of data, Sequence=3000
Host -> Server:  No data, Acknowledgement=4000

In the scenario above, the server sends three 1000-byte segments. If all three are received without error, the host computer acknowledges with ACK=4000, which means "I have everything up to byte 3999; send 4000 next". A single acknowledgement covers all three segments, because acknowledgements are cumulative, and it tells the server to continue with the transmission.


TCP Moving Data (Error Recovery)

Data transfer with an error:

Server -> Host:  1000 bytes of data, Sequence=1000
Server -> Host:  1000 bytes of data, Sequence=2000   (lost)
Server -> Host:  1000 bytes of data, Sequence=3000
Host -> Server:  No data, Acknowledgement=2000
Server -> Host:  1000 bytes of data, Sequence=2000   (resent)
Host -> Server:  No data, Acknowledgement=4000

In the scenario above, the host computer received the first and the third segment, but the second was lost. Because acknowledgements are cumulative, the host can only acknowledge up to the gap: it replies with ACK=2000, which tells the server that everything before byte 2000 arrived and that byte 2000 is the next one needed, i.e. that the segment with SEQ=2000 must be resent. The server retransmits from 2000 and then waits for the host to reply with ACK=4000 (continue), or with another acknowledgement that points at a further gap. If the server has sent all three segments and receives no acknowledgement at all before its retransmission timer expires, it assumes the data was not received and resends starting from the oldest unacknowledged byte.


TCP Moving Data (Windowing)

Host -> Server:  ACK=1000  Window=3000
Server -> Host:  1000 bytes of data, Sequence=1000
Server -> Host:  1000 bytes of data, Sequence=2000
Server -> Host:  1000 bytes of data, Sequence=3000
Host -> Server:  ACK=4000  Window=4000
Server -> Host:  1000 bytes of data, Sequence=4000
Server -> Host:  1000 bytes of data, Sequence=5000
Server -> Host:  1000 bytes of data, Sequence=6000
Server -> Host:  1000 bytes of data, Sequence=7000
Host -> Server:  ACK=8000  Window=5000

With windowing, the amount of data that may be sent before an acknowledgement is required can change. The window is a byte count, advertised by the receiver in every segment it sends. In this scenario the host raises the window after each acknowledgement as long as no errors were detected, allowing the server to send more data per round trip; if segments are lost, the host reduces the window until the errors are cleared. The window slides forward with each acknowledgement and grows or shrinks with network conditions, which is why it is referred to as a sliding window. (The sender also keeps its own congestion window, which it cuts when it detects loss; the slide shows only the receiver's side.) It is SEQ, ACK and window size working together that make this whole process work, adjusting for network conditions and providing error recovery.
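The error-recovery and windowing exchanges above, as an added simulation that is not part of the course: cumulative acknowledgements, a lost segment, and a window that grows while data arrives cleanly and shrinks when a gap appears. The 1000-byte segments, the sequence numbers starting at 1000 and the one-ACK-per-burst pacing follow the slides; the rest (the receiver buffering data that arrives ahead of a gap, the sender going back to the gap without SACK) is an assumption about how such a stack would behave.

```python
"""Simulate the cumulative acknowledgements, retransmission and sliding
window shown on the three data-transfer slides above.

Added example, not part of the course text. Sequence numbers and windows are
plain integers; loss is simulated by dropping chosen segments once.
"""

SEGMENT = 1000                      # every slide uses 1000-byte segments


class Receiver:
    """The host side: tracks the next in-order byte and buffers data that arrives ahead of a gap."""

    def __init__(self, initial_seq, window):
        self.expected = initial_seq          # cumulative ACK value: the next byte wanted
        self.window = window                 # bytes the host will accept beyond 'expected'
        self.ahead = {}                      # seq -> length, segments waiting for a gap to close
        self.duplicates = 0                  # segments received twice (e.g. after a go-back-N resend)

    def receive(self, seq, length):
        if seq + length > self.expected + self.window:
            return False                     # outside the advertised window: discarded
        if seq == self.expected:
            self.expected += length
            while self.expected in self.ahead:           # gap closed: drain what was buffered
                self.expected += self.ahead.pop(self.expected)
        elif seq > self.expected:
            self.ahead[seq] = length         # e.g. seq 3000 arriving while 2000 is still missing
        else:
            self.duplicates += 1             # already have it: ACK again, keep nothing
        return True

    def ack(self):
        """ACK carries the cumulative value and a new window: grow while no gap is
        outstanding, shrink while one is (what the windowing slide describes)."""
        if self.ahead:
            self.window = max(SEGMENT, self.window - SEGMENT)
        else:
            self.window += SEGMENT
        return self.expected, self.window


class Sender:
    """The server side: may have up to 'window' bytes beyond SND.UNA (oldest unacknowledged byte) in flight."""

    def __init__(self, initial_seq, total_bytes):
        self.snd_una = initial_seq
        self.next_seq = initial_seq
        self.end = initial_seq + total_bytes

    def send_burst(self, window):
        segs = []
        while self.next_seq < self.end and self.next_seq + SEGMENT <= self.snd_una + window:
            segs.append((self.next_seq, SEGMENT))
            self.next_seq += SEGMENT
        return segs

    def on_ack(self, ack):
        self.snd_una = max(self.snd_una, ack)
        if ack < self.next_seq:
            # Not everything in flight was covered: resend from the gap. Without SACK the
            # sender cannot know which later segments did arrive, so it goes back to 'ack'.
            # (A real stack waits for a retransmission timeout or duplicate ACKs first.)
            self.next_seq = ack


def transfer(total_bytes, window=3000, drop=()):
    """Run the slides' exchange: the server sends a burst, the host returns one ACK per burst.
    'drop' lists sequence numbers lost on their first transmission.
    Returns the list of (ACK, window) values the host sent and the duplicate count."""
    first = 1000
    server, host = Sender(first, total_bytes), Receiver(first, window)
    lost = set(drop)
    acks = [(host.expected, host.window)]    # host advertises ACK=1000 Window=3000 up front
    while server.snd_una < server.end:
        for seq, length in server.send_burst(host.window):
            if seq in lost:
                lost.discard(seq)            # lost once; the retransmission gets through
                continue
            host.receive(seq, length)
        ack, win = host.ack()
        acks.append((ack, win))
        server.on_ack(ack)
    return acks, host.duplicates


if __name__ == "__main__":
    print("simple:   ", transfer(3000))
    print("loss:     ", transfer(3000, drop={2000}))
    print("windowing:", transfer(7000))
```

transfer(3000) reproduces the simple slide (one ACK of 4000), transfer(7000) the windowing slide (ACK=4000 Window=4000, then ACK=8000 Window=5000), and transfer(3000, drop={2000}) the error slide: the host answers ACK=2000 with a smaller window, the server goes back to 2000, and because it cannot know that 3000 already arrived it resends that too, which the host counts as a duplicate.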


TCP Shutdown (4 Step Shutdown)

Host -> Server:  FIN ACK   SEQ=1000
Server -> Host:  ACK       ACK=1001
Server -> Host:  FIN ACK   SEQ=1470  ACK=1001
Host -> Server:  ACK       ACK=1471

Step 1. Now that all the data has been transferred, the host requests a shutdown of the TCP connection. In the flag field it sends a FIN, which stands for finished, with SEQ=1000. Like a SYN, a FIN occupies one sequence number.

Step 2. The server replies with an ACK in the flag field and ACK=1001, letting the host know it has received the request so that the host does not keep resending the FIN.

Step 3. The server then waits for its application to respond to the close request. Once the application program has finished, the server sends its own FIN together with an ACK, with SEQ=1470 and ACK=1001. Until this point the connection is half-closed: the host has stopped sending, but the server may still deliver data.

Step 4. The host replies with an ACK in the flag field and ACK=1471, indicating it received the server's FIN. The TCP connection is now closed.
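The 3-step start up and the 4-step shutdown together, as an added example that is not part of the course material: two small state machines exchange segments and keep the SEQ/ACK bookkeeping, so the reader can see why a SYN or FIN moves the acknowledgement by exactly one. The ISNs 100 and 1000 and the shutdown numbers 1000 and 1470 are the slides'; the 899 and 469 bytes of data sent in between are assumptions chosen to make those numbers line up, and the guessed-ISN check at the end is the added security point.

```python
"""Walk through the 3-step start up and the 4-step shutdown above with a
pair of small TCP state machines.

Added example, not part of the course text. Initial sequence numbers are
passed in so the slides' values (100/1000 for the start up, 1000/1470 for
the shutdown) are reproduced; the data sizes in between are chosen to make
the numbers line up and are assumptions.
"""
import secrets


class Endpoint:
    """One side of a connection. SND.NXT is the next sequence number it will send,
    RCV.NXT the next byte it expects from the peer (the value it puts in ACK=)."""

    def __init__(self, name, isn=None):
        self.name = name
        self.state = "CLOSED"
        # A real stack must pick an unpredictable ISN (RFC 6528); the slides' numbers are passed in.
        self.snd_nxt = secrets.randbits(32) if isn is None else isn
        self.rcv_nxt = None

    def _emit(self, flags, payload_len=0):
        seg = {"from": self.name, "flags": frozenset(flags), "seq": self.snd_nxt,
               "ack": self.rcv_nxt, "len": payload_len}
        # SYN and FIN each consume one sequence number; data consumes one per byte.
        self.snd_nxt += payload_len + ("SYN" in flags) + ("FIN" in flags)
        return seg

    def _consume(self, seg):
        """Advance RCV.NXT past the peer's SYN/FIN/data so our next ACK covers it."""
        self.rcv_nxt = seg["seq"] + seg["len"] + ("SYN" in seg["flags"]) + ("FIN" in seg["flags"])

    def listen(self):
        self.state = "LISTEN"

    def connect(self):                         # start up, step 1
        self.state = "SYN_SENT"
        return self._emit({"SYN"})

    def send(self, nbytes):                    # ordinary data while ESTABLISHED
        return self._emit({"ACK"}, nbytes)

    def close(self):                           # shutdown, step 1 (active side) or step 3 (passive side)
        self.state = "FIN_WAIT_1" if self.state == "ESTABLISHED" else "LAST_ACK"
        return self._emit({"FIN", "ACK"})

    def receive(self, seg):
        """Apply one incoming segment; return the reply, or None when only state changes."""
        f, st = seg["flags"], self.state
        if "ACK" in f and seg["ack"] is not None and seg["ack"] > self.snd_nxt:
            raise ValueError(f"{self.name}: peer acknowledged byte {seg['ack']}, which was never sent")
        if "SYN" in f and st == "LISTEN":                         # step 2: SYN ACK
            self._consume(seg); self.state = "SYN_RCVD"; return self._emit({"SYN", "ACK"})
        if "SYN" in f and st == "SYN_SENT":                       # step 3: ACK
            self._consume(seg); self.state = "ESTABLISHED"; return self._emit({"ACK"})
        if st == "SYN_RCVD" and "ACK" in f:
            self.state = "ESTABLISHED"; return None
        if "FIN" in f and st == "ESTABLISHED":                    # shutdown step 2: ACK now, FIN later
            self._consume(seg); self.state = "CLOSE_WAIT"; return self._emit({"ACK"})
        if "FIN" in f and st == "FIN_WAIT_2":                     # shutdown step 4
            self._consume(seg); self.state = "TIME_WAIT"; return self._emit({"ACK"})
        if st == "FIN_WAIT_1" and seg["ack"] == self.snd_nxt:     # our FIN was acknowledged
            self.state = "FIN_WAIT_2"; return None
        if st == "LAST_ACK" and seg["ack"] == self.snd_nxt:       # the last ACK: fully closed
            self.state = "CLOSED"; return None
        if st == "ESTABLISHED" and seg["len"]:                    # data: acknowledge it
            self._consume(seg); return self._emit({"ACK"})
        if st == "ESTABLISHED" and "ACK" in f:                    # bare ACK: nothing to answer
            return None
        raise ValueError(f"{self.name} in {st} cannot handle {sorted(f)}")


def run(host_isn=100, server_isn=1000, host_bytes=899, server_bytes=469):
    """Reproduce both slides. Returns the trace of (sender, flags, SEQ, ACK) and the final states."""
    host, server = Endpoint("host", host_isn), Endpoint("server", server_isn)
    server.listen()
    trace, other = [], {}
    other[host], other[server] = server, host

    def exchange(seg, receiver):
        # Carry a segment to 'receiver', then its reply back, until one side has nothing to say.
        while seg is not None:
            trace.append((seg["from"], "+".join(sorted(seg["flags"])), seg["seq"], seg["ack"]))
            seg, receiver = receiver.receive(seg), other[receiver]

    exchange(host.connect(), server)            # 3-step start up
    exchange(host.send(host_bytes), server)     # some data each way, so the shutdown numbers match
    exchange(server.send(server_bytes), host)
    exchange(host.close(), server)              # shutdown steps 1 and 2
    exchange(server.close(), host)              # steps 3 and 4, once the server application is done
    return trace, (host.state, server.state)


if __name__ == "__main__":
    for line in run()[0]:
        print("%-6s %-8s SEQ=%-5s ACK=%s" % line)
```

The first three trace entries are the start-up slide and the last four the shutdown slide. Feeding an endpoint a SYN ACK whose acknowledgement number it never sent raises, which is the check that defeats an attacker who did not see the SYN; the same check is only as good as the ISN is unpredictable.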


Network Layer


The network layer defines how to transport traffic between devices that are not locally attached in the same broadcast domain.

Two pieces of information are required to do this:

• A logical address (source and destination).
• A path through the network.

Network layer addresses (also called virtual or logical addresses) exist at layer 3 of the OSI reference model. Unlike the data link layer address, which usually exists within a flat address space, network layer addresses are usually hierarchical in that they define the network first and then the devices or nodes on each of those networks. Logical addresses contain information that can be used to route packets. MAC addresses (physical addresses) at Layer 2 are just serial numbers for a piece of hardware. This logical addressing in conjunction with the subnet mask allows the network manager to define what portion of an address is the network and what portion is the host.


Network Layer IP Address

148.43.200.16

Decimal:  148      . 43       . 200      . 16         (each octet 0-255)
Binary:   10010100 . 00101011 . 11001000 . 00010000
Bits:     8        + 8        + 8        + 8        = 32 bits
          |--- 16 network bits ---|--- 16 host bits ---|   (class B default)

The logical address consists of two portions. One part uniquely identifies each network within the internetwork, and the other part uniquely identifies the host on that network. Combining both portions results in a unique network address for each device. This unique address has two functions.

1. The network portion identifies each network in the internetwork structure, allowing the routers to identify paths through the network cloud. The router uses this address to determine where to send network packets, in the same manner that the zip code determines the state and city to which a package should be delivered.

2. The host portion identifies a particular device or a device’s port on the network in the same manner that a street address on a letter identifies a location within that city.

There are many network layer protocols, and they all share the function of identifying networks and hosts throughout the internetwork structure. Most of these protocols have different schemes for accomplishing this task. TCP/IP is a common protocol that is used in router networks.


An Internet Protocol (IP) address has the following components to identify networks and hosts:

• A 32-bit address, divided into four 8-bit sections called octets. This address identifies a specific network and a specific host on that network by subdividing the bits into network and host portions.

• A 32-bit subnet mask that is also divided into four 8-bit octets. The subnet mask is used to determine which bits represent the network and which bits represent the host. The bit pattern for a subnet mask is a string of repeating 1s followed by the remaining bits, which are set to zero.

The 1 bits of the mask define the network portion of the IP address, and the 0 bits mark the host bits. With that in mind, the mask must accompany the IP address for other computers and routers to determine how much of any address is network and how much is reserved for hosts. The function of the subnet mask is to mask off the host portion of the IP address so that the network address can be identified. Routers route to networks, so they must be able to identify which network an IP address is on. Chapter 2 covers IP addressing in much greater detail.


Data Link Layer


The data link layer provides communications between workstations at the first logical layer above the bits on the wire.

The data link layer is broken into two sub-layers, the MAC and the LLC, described below.

Media Access Control (MAC) sub-layer (IEEE 802.3): The Media Access Control sub-layer is responsible for how the data is transported over the physical wire. This is the part of the data link layer that communicates with the physical layer. It defines such functions as physical addressing, network topology, line discipline, error notification, orderly delivery of frames, and optional flow control.

Logical Link Control (LLC) sub-layer (IEEE 802.2): The logical link control sub-layer is responsible for logically identifying the different layer 3 protocol types and then encapsulating them at layer 2 in order to be transmitted across the network. A type code identifier does the logical identification; these codes are referred to as Service Access Points (SAPs).

The data link layer provides the physical addressing necessary for communications on a LAN, and it provides error detection. Cisco Layer 2 switches operate at the data link layer, because they use physical (MAC) addresses to move frames from source to destination.


MAC Address (1)

0000C0A05124

0000C0  = IEEE-assigned vendor code
A05124  = vendor-assigned serial number

MAC addresses contain 6 bytes (octets), or 48 bits, which protocol analyzers display as 12 hexadecimal characters. The first three bytes (six hexadecimal characters) contain the vendor code of the NIC (network interface card), assigned by the IEEE; the last three bytes carry the serial number that the vendor assigned to that card. Although most vendors are careful to use only their own registered codes, others are not so careful, and the same address can end up on two or more vendors' NICs. If two such cards are installed on the same network segment, the results are unpredictable. Note also that on almost any NIC the MAC address can be overridden in software, so the vendor code tells you what a card claims to be; a MAC address by itself should never be treated as proof of a device's identity.


MAC Address (2)

Type        Address        Reaches
Unicast     0000c0a04424   one device (vendor 0000c0, serial a04424)
Multicast   010001d00000   a group of devices
Broadcast   FFFFFFFFFFFF   all devices

The hexadecimal format uses 16 characters, 0 through 9 and A through F. Each character in a MAC address represents four binary bits: 0 in hexadecimal is 0000 in binary, 1 is 0001, 2 is 0010, and so on up to F, which is 1111. Turning on the lowest valued bit in the first byte of the Ethernet address indicates that the transmission is a multicast and that multiple recipients share the destination address. Some systems participate in more than one multicast group. An example of a multicast application is VTC (video teleconferencing). The broadcast address contains all 1s, shown as hexadecimal Fs; all the computers on that cable segment process frames with that destination address. For example, if one computer wants information from another local computer, it must first learn that computer's MAC address, and it does so by sending an ARP request to the broadcast address, which every station on the segment receives. The source address is always a unicast address.
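The address classification above, as an added example that is not from the course: a short Python helper that normalizes a MAC address, splits off the vendor code, reads the I/G bit to tell unicast from multicast, and flags locally administered addresses (the U/L bit, which the slide does not cover but which matters when deciding whether to trust a vendor code); the duplicate check is the test you would run against a switch's MAC table for the problem the previous page warns about. The addresses are the slide's examples plus one constructed locally administered address.

```python
"""Split a MAC address into vendor code and serial number and classify it from
the I/G bit as unicast, multicast or broadcast, as described above.

Added example, not part of the course text. The addresses are the slide's
examples plus one constructed locally-administered address.
"""
import re
from collections import Counter


def normalize(mac):
    """Accept 0000C0A05124, 00:00:c0:a0:51:24, 00-00-C0-A0-51-24 or 0000.c0a0.5124;
    return the 12 hex digits in lowercase."""
    digits = re.sub(r"[:.\-]", "", mac.strip())
    if not re.fullmatch(r"[0-9a-fA-F]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return digits.lower()


def describe(mac):
    digits = normalize(mac)
    first = int(digits[:2], 16)                   # first byte on the wire
    if digits == "f" * 12:
        kind = "broadcast"                        # all 1s: every station processes it
    elif first & 0x01:
        kind = "multicast"                        # I/G bit (the slide's "lowest valued bit") set
    else:
        kind = "unicast"
    # Bit 1 of the first byte is the U/L bit: 1 means the address was set locally (virtual
    # machines, bonded interfaces, spoofing tools), so the vendor code cannot be trusted.
    locally_administered = bool(first & 0x02)
    return {"vendor_code": digits[:6], "serial": digits[6:], "kind": kind,
            "locally_administered": locally_administered,
            "first_byte_bits": format(first, "08b")}


def duplicates(macs):
    """Addresses that appear more than once after normalization: the duplicate-NIC
    problem the text warns about, as you would check it from a switch's MAC table."""
    counts = Counter(normalize(m) for m in macs)
    return sorted(m for m, n in counts.items() if n > 1)


if __name__ == "__main__":
    for example in ("0000C0A05124", "010001d00000", "FFFFFFFFFFFF", "02:00:5e:00:00:01"):
        print(example, describe(example))
    print(duplicates(["0000C0A05124", "00:00:c0:a0:51:24", "0001b0a01342"]))
```

first_byte_bits shows the eight bits the I/G and U/L decisions are read from, so 01 (multicast) and 02 (locally administered) can be seen to differ in exactly one bit position each.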


Broadcast Packets

Two types:
1. Directed - the last IP address in a subnet range (host bits all 1s)
2. Local - an IP address of all 1s

                         Directed broadcast packet   Local broadcast packet
Destination IP address   148.18.255.255              255.255.255.255
Destination MAC address  FFFFFFFFFFFF                FFFFFFFFFFFF

The IP address whose bits are all 1s, 255.255.255.255 in dotted decimal notation, is called the local broadcast address. It can be used as a destination IP address only, and it addresses all hosts on a segment. A common use for a local broadcast is by a host that has no IP configuration: it uses the local broadcast as the destination address to request IP information, as with Dynamic Host Configuration Protocol (DHCP). A local broadcast is never forwarded by a router. If the router is configured as a DHCP relay (ip helper-address on Cisco routers), it re-sends the DHCP request as a unicast to the preconfigured address of the DHCP server.

The IP address whose host ID bits are all 1s is called a directed broadcast address. A directed broadcast address can appear as a destination IP address only. It addresses all hosts on the segment whose network ID equals the network ID of the directed broadcast address. A host on a segment uses it when it has information for every other host on that segment. (An ARP request is not an example: ARP is not carried in IP at all, and it reaches every host through the Layer 2 broadcast MAC address FFFFFFFFFFFF.) Unlike a local broadcast, a directed broadcast can be routed in from a remote network, which is exactly the behaviour attackers abuse to make an entire subnet answer a forged packet; routers therefore drop directed broadcasts arriving from other interfaces by default (no ip directed-broadcast on Cisco IOS), and that default should be left in place.
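The subnet-mask and broadcast material above, as an added example that is not part of the course: the bitwise arithmetic a host uses to split an address into network and host bits, the two broadcast forms, and the forwarding decision a router makes for a directed broadcast. The addresses 148.43.200.16 and 148.18.255.255 come from the slides; the interface address 148.18.10.5 and the two-interface router table are assumptions.

```python
"""Apply a subnet mask the way a host or router does, and classify destination
addresses as local broadcast, directed broadcast, on-link or off-link.

Added example, not part of the course text. It reuses the course's addresses
148.43.200.16 and 148.18.255.255; the interface address 148.18.10.5 and the
router's interface table are assumptions.
"""


def to_int(dotted):
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address {dotted!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(n):
    return ".".join(str(n >> s & 0xFF) for s in (24, 16, 8, 0))


def to_bits(dotted):
    """The slide's rendering: 148.43.200.16 -> 10010100.00101011.11001000.00010000"""
    return ".".join(format(int(o), "08b") for o in dotted.split("."))


def prefix_len(mask):
    """A valid mask is a run of 1s followed by 0s; anything else is rejected."""
    m = to_int(mask)
    ones = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous subnet mask {mask}")
    return ones


def subnet_info(address, mask):
    """Network address, directed broadcast (host bits all 1s) and usable host range."""
    bits = prefix_len(mask)
    a, m = to_int(address), to_int(mask)
    network = a & m                                   # masking off the host bits
    broadcast = network | (~m & 0xFFFFFFFF)
    hosts = (to_dotted(network + 1), to_dotted(broadcast - 1)) if bits <= 30 else (None, None)
    return {"network": to_dotted(network), "broadcast": to_dotted(broadcast),
            "first_host": hosts[0], "last_host": hosts[1],        # /31 and /32 have no host range
            "network_bits": bits, "host_bits": 32 - bits}


def classify(dst, iface_addr, mask):
    """What a host with address iface_addr/mask concludes about a destination IP."""
    d, m = to_int(dst), to_int(mask)
    net = to_int(iface_addr) & m
    if d == 0xFFFFFFFF:
        return "local broadcast"                      # 255.255.255.255: all hosts here, never routed
    if d == net | (~m & 0xFFFFFFFF):
        return "directed broadcast"                   # host bits all 1s for this subnet
    if d & m == net:
        return "unicast on this subnet"               # resolve the MAC with ARP and send directly
    return "unicast off this subnet (send to the router)"


def router_action(dst, ingress, interfaces, directed_broadcast_enabled=False):
    """Forwarding decision for broadcast-type destinations. 'interfaces' maps a name to
    (address, mask). A directed broadcast arriving from a *different* interface is dropped
    unless explicitly enabled, which is the RFC 2644 default ('no ip directed-broadcast' on
    Cisco IOS) because forwarding it lets one forged packet make a whole subnet answer."""
    if to_int(dst) == 0xFFFFFFFF:
        return "drop: local broadcast is never forwarded"
    for name, (addr, mask) in interfaces.items():
        if classify(dst, addr, mask) == "directed broadcast":
            if name == ingress:
                return f"accept: broadcast on {name} itself"
            if directed_broadcast_enabled:
                return f"forward as Layer 2 broadcast on {name}"
            return f"drop: directed broadcast to {name} not permitted"
    return "route as unicast"


if __name__ == "__main__":
    print(to_bits("148.43.200.16"), subnet_info("148.43.200.16", "255.255.0.0"))
    lan = {"e0": ("148.18.10.5", "255.255.0.0"), "s0": ("10.0.0.1", "255.255.255.252")}  # assumed
    print(router_action("148.18.255.255", "s0", lan))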


Physical Layer

The physical layer defines the media type, connector type, and signaling type.

Twisted pair (10BaseT, RJ-45) pinout:

Pin     1    2    3    4    5    6    7    8
Signal  TD+  TD-  RD+  N/C  N/C  RD-  N/C  N/C

Pins 1 & 2 - Pair #1, Transmit Data
Pins 3 & 6 - Pair #2, Receive Data
Pins 4, 5, 7 & 8 - Not Connected

(The slide also pictures a THINLAN thin-coax segment.)

The physical layer defines the electrical, mechanical, procedural, and functional requirements for activating, maintaining, and deactivating the physical link between end systems. It also specifies the voltage levels, data rates, maximum transmission distances, and physical connectors. The physical media and the connectors used to attach devices to the media are defined by standards at the physical layer. The Ethernet and IEEE 802.3 (CSMA/CD) standards define a bus topology LAN that operates at a baseband signaling rate of 10 or 100 megabits per second. Three examples are listed below:

1. 10Base2 -- known as Thinnet. Allows network segments up to 185 meters on coaxial cable by interconnecting or chaining devices together.

2. 10Base5 -- known as Thicknet. Allows network segments up to 500 meters on large coaxial cable, with devices tapping into the cable to receive signals.

3. 10BaseT -- Carries Ethernet signals up to 100 meters on inexpensive twisted-pair wiring back to a centralized concentrator called a hub. Hubs operate at the physical layer. The 10 refers to the speed. The Base refers to baseband signaling. The T refers to the type of cabling used, twisted pair.


When routers are connected together over some form of transmission media, serial cabling is normally used. These serial connections are referred to as WAN connections. A few examples of serial cable standards are RS-232, RS-449 and RS-530. As with the Ethernet cabling mentioned above, the physical layer defines every aspect of the cable, including the transmit and receive pins and the control leads.


Network Adapter

Network Adapter: the physical media and the Media Access Control (MAC) address

Before data can be sent over the network, the network adapter card must change it from a form the computer can understand to another form that can travel over a network cable. Data moves through a computer along paths called buses. These are actually several data paths placed side by side. Because several paths run side by side (in parallel), data can move along them in groups instead of as a single (serial) data stream. Older buses, such as those used in the original IBM personal computer, were known as 8-bit buses because they could move data 8 bits at a time. The IBM PC/AT used a 16-bit bus, which means it could move data 16 bits at a time. Many computers use 32-bit buses. When data travels on a computer's bus it is said to be traveling in parallel, because the 16 or 32 bits are moving along side by side. Think of a 16-bit bus as a 16-lane highway with 16 cars moving side by side (in parallel), each carrying one bit of data. On the network cable, data must travel as a single bit stream. When data travels on a network cable it is said to be traveling as a serial transmission, because one bit follows another in series. In other words, the cable is a one-lane highway. On the half-duplex links discussed in this chapter, traffic on this highway flows in only one direction at a time: the computer is either sending or receiving data.


The network adapter card takes data traveling in parallel as a group and restructures it so that it will flow through the 1-bit wide serial path of the network cable. This is accomplished through the translation of the computer's digital signals into electrical and optical signals that can travel on the network's cables. The component responsible for this is the transceiver. Network adapter cards act as the physical interface or connection between the computer and the network cable. The cards are installed in an expansion slot in each computer and server on the network. After the card has been installed, the network cable is attached to the card's port to make the actual physical connection between the computer and the rest of the network. The role of the network adapter card is to:

1) Prepare data from the computer for the network cable.
2) Send the data to another computer.
3) Control the flow of data between the computer and the cabling system.


MAC Addressing

(Slide figure: the OSI stack with the name of each layer's protocol data unit and the header added at each step, shown below as text.)

Application, Presentation, Session layers:   Upper Layer Data
Transport layer (Segment):                    TCP | Upper Layer Data
Network layer (Packet):                       IP | TCP | Upper Layer Data
Data link layer (Frame):                      MAC | LLC | IP | TCP | Upper Layer Data | FCS/CRC
Physical layer (Bits):                        0110111100011101110111101111101111110111101110111011101

Computers A, B, C, D, E and F share the LAN. Source MAC 0000c0a04424 (computer A); destination MAC 0001b0a01342 (computer F).

As we discussed earlier in the chapter, communications on a shared-medium LAN (coax or a hub) is half-duplex: only one computer sends data at a time, and every other computer on the LAN, including the router port, listens. What they are listening for is their own MAC address. If a machine finds its MAC address in the destination field of a frame header, it accepts and processes the contents of the frame. Keep in mind that frame delivery on a LAN is done entirely with MAC addresses; the IP address is not needed to deliver a frame within the LAN. However, if you want to send or receive data outside of your LAN, an IP address is needed. The relation between the two, and how the router uses them, is covered in the TCP/IP portion of the class. In the example above, computer A is attempting to send a packet to computer F. To do this computer A needs computer F's MAC address. That address is placed in the frame at the data link layer along with the CRC, and the frame is sent out on the wire. Computer F recognizes its MAC address in the destination field and accepts the contents of the frame, using the CRC to verify it was received without error. Note that "accept" is a decision made by the NIC: every station physically receives every frame on a shared medium, and a NIC put into promiscuous mode passes all of them up to software, which is why traffic on a hub or coax segment can be captured by any host attached to it.


TCP/IP Protocol Stack (1)

OSI layer      Function                                                             TCP/IP layer
Application    User interface (application interface)                               Process/Application
Presentation   How data is presented; special processing such as encryption and     Process/Application
               compression
Session        Establishing, managing, and terminating sessions                     Process/Application
Transport      Reliable or unreliable delivery; error correction before retransmit  Host-to-Host
Network        Provides the logical addressing which routers use for path           Internet
               determination
Data Link      Combines bits into bytes and bytes into frames; access to the        Network Access
               media using the MAC address; error detection
Physical       Moves bits between devices; specifies voltage, wire speed, and       Network Access
               pin-outs of cables

There is no direct correlation between TCP/IP and the OSI model. However, many people understand protocol stacks by using the OSI model. Therefore, we have put the two stacks here for comparison. The TCP/IP Process/Application layer is roughly equivalent to the OSI application and presentation layer. The host-to-host layer shares the session layer with the process layer and is similar to the OSI transport layer. The internet layer is similar to the OSI network layer, and the network access layer aligns with the data link and physical layers of the OSI model.


TCP/IP Protocol Stack (2)

TCP/IP layer          Protocols (with the identifier the layer below uses to deliver to them)
Process/Application   TELNET (TCP port 23), FTP (TCP 20 data, 21 control), SMTP (TCP 25),
                      DNS (TCP and UDP 53), BOOTP/DHCP (UDP 67 server, 68 client),
                      TFTP (UDP 69), SNMP (UDP 161, traps on 162)
Host-to-Host          TCP (IP protocol 6), UDP (IP protocol 17)
Internet              IP (EtherType 0800), ARP (EtherType 0806), RARP (EtherType 8035);
                      ICMP (IP protocol 1), OSPF (IP protocol 89), IGRP (the slide shows 88,
                      which is EIGRP's protocol number; classic IGRP uses 9)
Access                Ethernet, Token Ring, FDDI, SLIP, PPP, others

The network access layer, or the physical/data link layers in OSI terms, is responsible for the physical movement of the data over the wire or fiber used in the network. It also monitors frames on the wire in search of MAC addresses. The data link piece and the internet piece are covered in more detail below.

The access layer provides:

• A target hardware address field, which comes first so that the NICs know immediately when a frame is destined for their computer. The first bits of data that all other computers on a LAN see are the target MAC address; if a computer finds a match with its own MAC address, it accepts the frame for processing.
• A source hardware address field, which identifies the specific hardware card that originated the Ethernet frame, so the destination knows immediately where the frame came from.
• A protocol (type) field, which acts as a shipping label identifying which function at the target end is to receive the contents of the frame (0800 for IP, 0806 for ARP).
• A size limit: the Ethernet and IEEE rules set limits on the size of a frame carried on the wire. The MTU (maximum transmission unit) specifies that Ethernet II and 802.3 frames may carry up to 1,500 bytes of data.


The CRC (Cyclic Redundancy Check) is an algorithm used to determine whether the frame was received in full and without errors.

The internet layer provides: Each of the protocols in the TCP/IP suite uses a series of bytes (known as a header) to perform its required functions. The IP header is no different. Some of its required functions are:

• Logical addressing (IP addressing)
• Fragmentation
• Data length
• Quality of service
• Higher layer protocol identification
• Routing
• Diagnostics

Each field in the IP header has a particular role. These fields may contain a single bit or multiple bytes to identify the function. Note that hardware (Ethernet) addresses belong to the network access layer only: the IP header carries source and destination IP addresses, not MAC addresses. The internet layer protocol that deals with hardware addresses is ARP (and RARP), which maps an IP address to the MAC address the frame must be sent to. The protocol type field in the IP header identifies which function is being serviced at the next layer, and thus which protocol (TCP, UDP) will either receive the data (going up the stack) or has sent the encapsulated data down the TCP/IP stack. The internet layer is the layer at which routers function. When delivering a packet to a destination outside the local LAN, the router uses the destination IP address to choose the next hop; a new source and destination MAC address is written into the frame on every hop while the IP addresses stay the same end to end.


TCP/IP Packet Construction

(The slide repeats the protocol map from TCP/IP Protocol Stack (2) and then shows an e-mail from Microsoft Outlook being wrapped as it moves down the stack.)

Data from computer (Microsoft Outlook e-mail):

Process/Application (SMTP):   DATA
Host-to-Host (TCP):           DATA | 25 | 32 | 5
                              source and destination port numbers (25 = SMTP), sequence number, acknowledgement
Internet (IP):                DATA | 25 | 32 | 5 | 6 | S-IP | D-IP
                              protocol number (6 = TCP), source/destination IP address
Access (Ethernet, Token Ring, FDDI, SLIP, PPP, others):
                              DATA | 25 | 32 | 5 | 6 | S-IP | D-IP | S-MAC | D-MAC | 08-00 | CRC
                              source/destination MAC address, protocol number (08-00 = IP), error detection

The above slide provides a flow from computer to wire, creating a packet containing MS Outlook information. Not everything included in a packet creation is provided. We are highlighting key areas for the purpose of this class. If further information is desired on TCP/IP and packet construction, there are several great books available, along with RFCs that are free on the internet.
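The frame fields and the Outlook/SMTP encapsulation example above, as an added example that is not the course's own material: building the frame top-down and then stripping it bottom-up by following the EtherType, IP protocol number and port through the tables the slides list, verifying the FCS and the IP header checksum on the way. The MAC addresses, IP addresses, source port, IP header values and payload are constructed; the destination port 25, protocol 6, EtherType 0800 and the 1,500-byte MTU are the slides'.

```python
"""Build the packet the slide describes (SMTP data inside TCP inside IP inside an
Ethernet frame) and take it apart again by following the protocol numbers from
the tables above.

Added example, not part of the course text. Addresses, ports, the payload and the
IP header values are constructed; the port/protocol/EtherType tables are the ones
the slides list.
"""
import struct
import zlib

ETHERTYPES = {0x0800: "IP", 0x0806: "ARP", 0x8035: "RARP"}
IP_PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP", 88: "EIGRP", 89: "OSPF"}   # the slide's 88 is EIGRP's number
PORTS = {20: "FTP-data", 21: "FTP", 23: "TELNET", 25: "SMTP", 53: "DNS", 67: "BOOTP/DHCP server",
         68: "BOOTP/DHCP client", 69: "TFTP", 161: "SNMP", 162: "SNMP trap"}
MTU = 1500                                      # bytes of data an Ethernet frame may carry


def inet_checksum(data):
    """RFC 1071 one's-complement sum used by the IP and TCP headers."""
    if len(data) % 2:
        data += b"\x00"
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF


def mac_bytes(s):
    return bytes.fromhex(s.replace(":", "").replace("-", ""))


def ip_bytes(s):
    return bytes(int(o) for o in s.split("."))


def build_frame(payload, sport, dport, src_ip, dst_ip, src_mac, dst_mac):
    """Encapsulate top-down: TCP (ports, SEQ, ACK) -> IP (protocol 6, addresses) ->
    Ethernet (MACs, EtherType 0x0800) with the CRC-32 FCS trailer."""
    seq, ack = 32, 5                                     # the illustrative numbers on the slide
    tcp = struct.pack("!HHIIHHHH", sport, dport, seq, ack, (5 << 12) | 0x18, 8192, 0, 0) + payload
    pseudo = ip_bytes(src_ip) + ip_bytes(dst_ip) + struct.pack("!BBH", 0, 6, len(tcp))
    tcp = tcp[:16] + struct.pack("!H", inet_checksum(pseudo + tcp)) + tcp[18:]
    if 20 + len(tcp) > MTU:
        raise ValueError("packet exceeds the 1500-byte Ethernet MTU; IP would have to fragment")
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234, 0x4000, 64, 6, 0,
                         ip_bytes(src_ip), ip_bytes(dst_ip))
    ip_hdr = ip_hdr[:10] + struct.pack("!H", inet_checksum(ip_hdr)) + ip_hdr[12:]
    frame = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800) + ip_hdr + tcp
    frame += b"\x00" * max(0, 60 - len(frame))          # Ethernet minimum is 64 bytes including FCS
    return frame + struct.pack("<I", zlib.crc32(frame))  # FCS: CRC-32, least significant byte first


def dissect(frame):
    """Strip each layer using the protocol field of the layer below it; verify FCS and IP checksum."""
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        raise ValueError("FCS mismatch: frame corrupted in transit")
    ethertype = struct.unpack("!H", body[12:14])[0]
    out = {"dst_mac": body[:6].hex(":"), "src_mac": body[6:12].hex(":"),
           "ethertype": ETHERTYPES.get(ethertype, hex(ethertype))}
    if ethertype != 0x0800:
        return out                                       # ARP/RARP etc.: not IP, stop here
    ihl = (body[14] & 0x0F) * 4
    ip_hdr = body[14:14 + ihl]
    if inet_checksum(ip_hdr) != 0:
        raise ValueError("IP header checksum mismatch")
    total_len, proto = struct.unpack("!H", ip_hdr[2:4])[0], ip_hdr[9]
    out.update(src_ip=".".join(map(str, ip_hdr[12:16])), dst_ip=".".join(map(str, ip_hdr[16:20])),
               protocol=IP_PROTOCOLS.get(proto, str(proto)))
    segment = body[14 + ihl:14 + total_len]             # total length drops any Ethernet padding
    if proto not in (6, 17):
        return out
    sport, dport = struct.unpack("!HH", segment[:4])
    hlen = (segment[12] >> 4) * 4 if proto == 6 else 8
    out.update(sport=sport, dport=dport, payload=segment[hlen:],
               application=PORTS.get(dport) or PORTS.get(sport) or "unknown")
    return out


if __name__ == "__main__":
    frame = build_frame(b"MAIL FROM:<user@example.test>\r\n", 1027, 25, "148.43.200.16",
                        "148.43.1.10", "00:00:c0:a0:44:24", "00:01:b0:a0:13:42")
    print(len(frame), dissect(frame))
```

Each layer is located only through the field of the layer beneath it (EtherType, then IP protocol, then port), which is exactly the "shipping label" the text describes; a one-byte change anywhere in the frame fails the FCS check before any of those fields are even read.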


Local Area Network (LAN)

BUS Topology

STAR Topology

RING Topology

All network designs stem from three basic topologies:

1. Bus: Computers are connected in a row along a single cable segment.

2. Star: Computers are connected to cable segments that branch out from a single point.

3. Ring: Computers are connected to a cable that forms a loop.

The term topology, or more specifically network topology, refers to the arrangement or physical layout of computers, cables, and other components on the network. Topology is the standard term that most network professionals use when they refer to the network's basic design. Developing a sense of how the different topologies are used is one key to understanding the capabilities of the different types of networks.


Token Ring Topology

(Slide figure: a ring of computers with the TOKEN passed counter-clockwise.)

In a ring topology, or Token Ring topology, data is transferred from one computer to the next. Each computer has a transmit and a receive line, and data is passed from one computer to another in a counter-clockwise direction. Special network management packets, called tokens, circulate around the ring along with the actual communications data. Each computer inspects the data to see whether it is addressed to it; if not, it repeats the data to the next computer. This continues until the data reaches its destination. Token Ring is not used in the tactical world. Although Token Ring is considered one of the most efficient ways of communicating in a LAN environment, the cost of implementing it exceeds what most organizations are willing to pay. Even IBM, the originator of Token Ring, has been migrating to the more affordable Ethernet topology.


Bus Topology

(Slide figure: a COAX trunk with T connectors at each computer and a terminator at each end.)

The bus topology is also known as a linear bus. This is the simplest and most common method of networking computers. It consists of a single cable called a trunk (also backbone or segment) that connects all of the computers in the network in a single line. In a bus topology using 10Base2 thinnet coaxial cable, the cable cannot exceed 185 meters (607 feet). The limit for 10Base5 thicknet coaxial cable is 500 meters.

The terminator: To stop the signal from bouncing, a component called a terminator is placed at each end of the cable to absorb free signals. Absorbing the signal clears the cable so that other computers can send data. Every cable end on the network must be plugged into something. For example, a cable end could be plugged into a computer or into a connector that extends the cable length. Any open cable end not plugged into something must be terminated to prevent signal bounce.

T connectors are used to branch off the bus, allowing multiple computers to share the same wire. All the computers and the router port connected to the wire share the path. This type of configuration uses half-duplex communications; that is, only one computer at a time can transmit data. When one computer is transmitting, all other computers are listening.


Bus Topology Characteristics (1)

[Figure: Computer A, Computer C and Computer F attached to one bus]

Network data, in the form of electrical signals, is sensed by all of the computers on the network; the information is accepted only by the computer or computers whose address matches the address encoded in the signal. That acceptance is a decision made by each station's own network interface card, so a card placed in promiscuous mode captures every frame on the segment: a shared medium offers no privacy between the hosts attached to it. Only one computer at a time can send, so network performance is affected by the number of computers attached to the bus. The more computers on a bus, the more computers there will be waiting to put data on the bus, and the slower the network will be.


Bus Topology Characteristics (2)

[Figure: Computer A and Computer C transmit at the same time and collide; the whole bus is one collision domain and one broadcast domain]

Collisions occur when two computers attempt to transmit at the same time. When this happens, both computers sense the collision. Each then attempts to resend, but only after a delay chosen at random. Choosing that delay is the job of the back-off algorithm: the timer varies from attempt to attempt and from computer to computer, which dramatically reduces the likelihood of the same two computers colliding again over the same traffic. All computers sharing the same wire are in the same collision domain. As the number of computers on the network increases, so does the number of collisions. Although collisions are a normal part of communicating on a shared Ethernet, at some point during network expansion they can seriously slow the flow of traffic.


Star Topology

[Figure: hosts A to Z each cabled to a central HUB over twisted pair; the hub and every attached host form one collision domain and one broadcast domain]

RJ-45 pin assignments for 10BASE-T / 100BASE-TX twisted pair:

  Pin   Signal   Use
  1     TD+      Pair 1, transmit data
  2     TD-      Pair 1, transmit data
  3     RD+      Pair 2, receive data
  4     N/C      not connected
  5     N/C      not connected
  6     RD-      Pair 2, receive data
  7     N/C      not connected
  8     N/C      not connected

A star topology is normally built around a hub, using Category 5 (Cat 5) unshielded twisted pair (UTP) cable with RJ-45 connectors. Although UTP has eight wires, only four are used by 10BASE-T and 100BASE-TX; the pin assignments are listed above. A host transmits on pair 1 (pins 1 and 2) and receives on pair 2 (pins 3 and 6); the hub performs the crossover internally, taking whatever arrives on a spoke's transmit pair and repeating it onto the receive pair of every other spoke. If computer A transmits, its data travels across pins 1 and 2 to the hub, and the hub forwards it out pins 3 and 6 to every other computer on the network. As with the bus topology, every computer on the network senses the data, and only one computer can transmit at a time. All computers attached to the hub, or to a chain of hubs, are in the same collision domain, and a hub does nothing to stop any attached host from seeing every other host's traffic. As the number of computers increases, so does the number of collisions.


CSMA/CD

• Carrier Sense Multiple Access / Collision Detect

CSMA – Ethernet hosts first listen to see whether any other host on the segment is transmitting. If no other host is transmitting, that is, the wire is clear, the listening host transmits its data.

CD – Carrier sensing alone cannot prevent two hosts from starting to transmit at the same moment. Each host therefore monitors its own transmission for collisions with other frames on the wire. When a collision occurs, each host stops transmitting and runs a back-off algorithm to choose a random time at which to retransmit. This makes it unlikely that the hosts which experienced the collision will retransmit at the same time again.

Ethernet uses a refinement of ALOHA, known as Carrier Sense Multiple Access (CSMA), which improves performance when there is a great deal of traffic on the medium. When a NIC has data to transmit, it first listens to the cable (using a transceiver) to see whether a carrier (signal) is being transmitted by another node. On coaxial Ethernet this can be done by monitoring whether a current is flowing in the cable (each transmitting station contributes roughly 18 to 20 milliamps (mA)). On 10 Mbps Ethernet the individual bits are sent using Manchester encoding with a 10 MHz clock; Fast Ethernet uses a different line code (4B/5B), not Manchester at a higher clock rate. Data is sent only when no carrier is observed (i.e. no current present) and the physical medium is therefore idle. Any NIC which does not need to transmit listens to see whether other NICs have started to transmit information to it. Carrier sensing alone, however, cannot prevent two NICs transmitting at the same time. If two NICs try to transmit simultaneously, both could see an idle medium (neither sees the other's carrier), both will conclude that no other NIC is currently using it, both will transmit, and a collision will occur. The collision corrupts the frames being sent, and the receiver subsequently discards them, because a corrupted Ethernet frame will (with very high probability) not carry a valid 32-bit CRC, the frame check sequence (FCS), at its end.


The second element of the Ethernet access protocol detects when a collision occurs. While it has data to send, each transmitting NIC also monitors its own transmission. If it observes a collision (on coaxial Ethernet, a current above what it is generating itself, i.e. more than about 24 mA), it stops transmitting immediately and instead sends a 32-bit jam sequence. The purpose of the jam is to ensure that any other node which may currently be receiving the frame receives the jam signal in place of the correct 32-bit CRC, so that it discards the frame with a CRC error. To ensure that every NIC has started to receive a frame before the transmitting NIC finishes sending it, Ethernet defines a minimum frame size: no frame may carry less than 46 bytes of payload, which gives a 64-byte minimum frame including header and FCS. The minimum frame size is related to the distance the network spans, the type of media in use, and the number of repeaters the signal may have to pass through to reach the furthest part of the LAN. Together these define a value known as the Ethernet slot time, 512 bit times, which is 51.2 microseconds at 10 Mbps. If two or more transmitting NICs each detect corruption of their own data (a collision), each responds in the same way by transmitting the jam sequence.
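The following Python script is an added example, not part of the course material, that puts the numbers above into code. It assembles an Ethernet II frame with the minimum-size padding and the CRC-32 frame check sequence, shows that a collision fragment (the frame cut short and followed by the jam sequence) or a single flipped bit fails the receiver's FCS check, and computes the slot time and the range of the truncated binary exponential back-off. The MAC addresses, the payload and the jam byte pattern are constructed for the example; the standard fixes only the length of the jam, not its value.

```python
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
MIN_FRAME = 64          # bytes on the wire, FCS included: 14 header + 46 payload + 4 FCS
MAX_PAYLOAD = 1500
SLOT_BITS = 512         # Ethernet slot time in bit times (51.2 us at 10 Mbps)
JAM = b"\xaa\xaa\xaa\xaa"   # 32-bit jam; the pattern is an assumption for this example


def mac_bytes(text):
    """Accept 'aa:bb:cc:dd:ee:ff', 'aa-bb-cc-dd-ee-ff' or Cisco 'aabb.ccdd.eeff'."""
    digits = text.replace(":", "").replace("-", "").replace(".", "")
    if len(digits) != 12:
        raise ValueError("a MAC address is 12 hex digits: %r" % text)
    return bytes.fromhex(digits)


def build_frame(dst, src, ethertype, payload):
    """Ethernet II frame: header, payload padded to the 46-byte minimum, then the
    32-bit FCS. The FCS is the same CRC-32 that zlib computes, sent least-significant
    byte first."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload larger than 1500 bytes")
    body = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + payload
    body += b"\x00" * max(0, MIN_FRAME - 4 - len(body))
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def fcs_ok(frame):
    """What the receiving NIC does: recompute the CRC over everything except the
    trailing FCS and compare. Anything shorter than 64 bytes is a runt, which is
    what a collision fragment looks like, and is discarded without looking further."""
    if len(frame) < MIN_FRAME:
        return False
    (stored,) = struct.unpack("<I", frame[-4:])
    return (zlib.crc32(frame[:-4]) & 0xFFFFFFFF) == stored


def collision_fragment(frame, bytes_sent):
    """Model the transmitter detecting a collision after `bytes_sent` bytes: it
    stops and sends the jam sequence in place of the rest of the frame, so what
    reaches the other stations cannot carry a valid FCS."""
    return frame[:bytes_sent] + JAM


def flip_bit(frame, bit_index):
    """Single-bit corruption, e.g. noise on the cable. CRC-32 detects every
    single-bit error, so fcs_ok() must fail on the result."""
    data = bytearray(frame)
    data[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(data)


def slot_time_us(bit_rate):
    """512 bit times expressed in microseconds: 51.2 us on 10 Mbps Ethernet."""
    return SLOT_BITS * 1_000_000 / bit_rate


def backoff_slots_max(collisions):
    """Truncated binary exponential back-off: after the k-th consecutive collision
    a station waits r slot times, r drawn uniformly from 0 .. 2**min(k, 10) - 1.
    The two colliding stations draw independently, which is why they rarely
    collide again on the same frame."""
    return 2 ** min(collisions, 10) - 1


if __name__ == "__main__":
    # Constructed sample traffic, not captured from any real network.
    frame = build_frame("ff:ff:ff:ff:ff:ff", "0800.0200.1111", ETHERTYPE_IPV4, b"hello")
    print(len(frame), fcs_ok(frame))                        # 64 True
    print(fcs_ok(collision_fragment(frame, 20)))            # False: runt
    print(fcs_ok(flip_bit(frame, 200)))                     # False: CRC mismatch
    print(slot_time_us(10_000_000), backoff_slots_max(3))   # 51.2 7
```

The receiver never sees the transmitter's view of the collision; all it has is the length and the FCS, which is why the minimum frame size and the jam sequence are both needed for collision fragments to be recognised as garbage everywhere on the segment.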


Star Topology With Layer 2 Switch

[Figure: hosts attached to a Layer 2 switch; each switch port is its own collision domain, and the whole switch is one broadcast domain]

Bridges and Layer 2 switches are used to isolate two or more network segments at the data link layer. They understand Layer 2 (MAC) addressing and can learn where each device is located. A switch listens to all traffic on a physical segment; when it finds data that belongs to a device on another segment, it forwards the data to that LAN segment. Since the switch works with MAC addresses, it does not route; it only forwards. A bridge receives the complete frame, checks its FCS, and only then forwards it; this is called store-and-forward. A switch can operate as a bridge does, but can also begin forwarding as soon as it has read the destination MAC address at the front of the frame, before the rest of the frame has arrived. This is referred to as cut-through processing. It dramatically reduces latency, but because the FCS at the end of the frame has not yet been seen, a cut-through switch forwards corrupted frames and collision fragments that a store-and-forward device would have dropped.


Switches Build a MAC Database

[Figure: a SWITCH with hosts AAAA.AAAA.AAAA, BBBB.BBBB.BBBB, CCCC.CCCC.CCCC and DDDD.DDDD.DDDD on ports E-0, E-1, E-2 and E-3; a frame from AAAA.AAAA.AAAA is copied out every other port]

Initially the switch MAC database is empty, so each frame received is flooded out all ports except the one it arrived on. As MAC addresses are mapped to ports, the switch learns which single port to forward each frame on.

A switch or bridge learns which MAC addresses are attached to each port by listening to the traffic and examining the source MAC address of every incoming frame. The MAC-address-to-port mappings are stored in a MAC database, commonly referred to as the MAC table or the content-addressable memory (CAM) table. When a frame is received, the MAC table is consulted to determine which port reaches the station identified in the destination field of the frame. If the destination MAC is found, the frame is transmitted out the port listed. If it is not found, the frame is transmitted out all ports except the one on which it was received. Once the switch has learned the location of each attached host, the MAC table is fully populated; from that point each unicast frame is delivered to exactly one outgoing port, and flooding of unicast traffic stops. In the graphic above no collisions are possible, because each host is attached to its own switch port. Broadcast and multicast frames are a special case. Because they may be of interest to all stations, the switch or bridge floods them to every port except the originating port. A switch or bridge never learns a broadcast or multicast address, because broadcast and multicast addresses never appear as the source address of a frame. Note that the table is built entirely from the source addresses the switch happens to observe: it has no way to verify that a station really owns the address it puts in a frame, and a frame carrying a known address that arrives on a different port simply moves that address to the new port.


Switch and Hub

[Figure: a SWITCH with AAAA.AAAA.AAAA on E-0, BBBB.BBBB.BBBB on E-1, and a hub on E-2 with CCCC.CCCC.CCCC and DDDD.DDDD.DDDD attached to the hub]

With a hub and its attached hosts connected to one switch port, as shown, a shared collision domain is created that includes port E-2, the hub and its attached hosts. Any traffic for C is still received at D, and vice versa.

Resulting MAC table:

  MAC address      Port
  AAAA.AAAA.AAAA   E-0
  BBBB.BBBB.BBBB   E-1
  CCCC.CCCC.CCCC   E-2
  DDDD.DDDD.DDDD   E-2

Switch Set-Up (No Collisions)

[Figure: a SWITCH with one host per port: AAAA.AAAA.AAAA on E-0, BBBB.BBBB.BBBB on E-1, CCCC.CCCC.CCCC on E-2, DDDD.DDDD.DDDD on E-3]

If each switch port has one host attached, then as traffic is heard on each port the switch can map the MAC address to that port. All further communication is sent directly from one port to another and is not flooded out all ports: only one host receives a unicast transmission. Each host now exists in its own collision domain.

Resulting MAC table:

  MAC address      Port
  AAAA.AAAA.AAAA   E-0
  BBBB.BBBB.BBBB   E-1
  CCCC.CCCC.CCCC   E-2
  DDDD.DDDD.DDDD   E-3


Star Topology with Layer 3 Router

[Figure: three LAN segments attached to a router; each segment is its own collision / broadcast domain]

Routers separate broadcast domains as well as collision domains.

Routers are used to separate collision and broadcast domains. With LAN segmentation, the router keeps local traffic local, increases the bandwidth available to each user, reduces collisions, reduces broadcasts, and gets around Ethernet distance limitations. Routers move traffic through a network based on the IP address, a logical address. Logical addressing is understood by every Layer 3 device, and a network can be divided into segments as large or as small as it requires. The physical (MAC) addressing used by switches is not routable and is therefore used only when communicating on a LAN, or on a LAN segmented by a Layer 2 switch. Routers also give you the flexibility to control or filter certain traffic, which gives the network administrator more control over the data network and how it functions; the boundary between broadcast domains is the natural place to apply that filtering.


[Figure: four broadcast domains attached to one router; three are built on hubs or coaxial bus and are each a shared collision and broadcast domain, the fourth is built on a SWITCH]

Of the four, only the broadcast domain built on the switch gives each host its own collision domain.

With one host per switch port, each link can be negotiated to full duplex. On a full-duplex link there is nothing to collide with, so CSMA/CD is switched off and the host can transmit and receive at the same time. Note that this happens per link, and only when both the switch port and the host NIC agree on full duplex.


A VLAN is a separate broadcast domain, and in practice each VLAN carries its own IP subnet. Configuring VLANs within your topology allows members of the same network to be more widely separated physically than would otherwise be possible. In this example topology each host has its own collision domain, and three broadcast domains exist: the blue, red and green subnets, VLANs 100, 200 and 300.

Separate Broadcast Domains & VLANs

Router configuration: one physical Ethernet interface trunked to the switches, with one 802.1Q sub-interface per VLAN.

  interface FastEthernet0/0
   description Trunk to Switch
   no ip address
   duplex full
  !
  interface FastEthernet0/0.1
   description VLAN 100
   encapsulation dot1Q 100
   ip address 148.30.1.1 255.255.255.240
  !
  interface FastEthernet0/0.2
   description VLAN 200
   encapsulation dot1Q 200
   ip address 148.30.1.17 255.255.255.240
  !
  interface FastEthernet0/0.3
   description VLAN 300
   encapsulation dot1Q 300
   ip address 148.30.1.33 255.255.255.240

[Figure: switches SW-1, SW-2 and SW-3, each with ports in VLAN 100, VLAN 200 and VLAN 300, connected to the router's one physical Ethernet interface]

The switch offers a series of paths for the hosts attached to it to reach the router and the WAN beyond. Before any VLANs are configured, any switch port will do, because every port is in the default VLAN 1 (which is also the default native VLAN on a trunk). Frames entering any port are flooded to all others, or sent to one MAC address once the MAC table is built, or sent to the router if the destination address is on another network.

A Virtual LAN is a network of hosts which may be connected to different physical LANs. If hosts on the same switch are members of different VLANs, they can no longer communicate directly through the switch by MAC address. The packets have to be routed between networks, so they are sent first to the router's Ethernet port, examined for the Layer 3 destination address, and sent back out the same Ethernet interface to the switch, tagged for the destination VLAN. The switch then delivers the packet to the appropriate host.

A VLAN is a group of ports on switches that provides service to end stations with a common set of requirements, independent of their physical location. A VLAN has the same attributes as a physical LAN, but allows you to group end stations even when they are not located on the same physical LAN segment. VLANs let you group switch ports to limit unicast, multicast and broadcast flooding: flooded traffic that originates in a particular VLAN is flooded only to ports belonging to that VLAN.


VLANs are created on Layer 2 switches to control broadcast and collision domains, and to enforce the use of a Layer 3 device (a router) for any communication that leaves the VLAN. Each VLAN is created in the local switch's VLAN database before it can be used; if a VLAN is not known to a switch, that switch cannot carry traffic for that VLAN on any of its ports. VLANs are identified by number. On Cisco switches there are two usable ranges: the normal range, 1 to 1005 (1002 to 1005 are reserved for legacy Token Ring and FDDI), and the extended range, 1006 to 4094. VLAN IDs 0 and 4095 are reserved by the 802.1Q standard itself. When a VLAN is created you can also give it attributes such as a VLAN name, VLAN type, and operational state.
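The following Python script is an added example, not part of the course material, that works through the router-on-a-stick arrangement of the configuration above. It builds and parses 802.1Q-tagged frames, loads the three sub-interfaces exactly as configured (VLAN 100 at 148.30.1.1/28, VLAN 200 at 148.30.1.17/28, VLAN 300 at 148.30.1.33/28), and models what the router does with a frame arriving on its one physical port: classify it by tag, route on the destination IP, and send it back down the trunk with the egress VLAN's tag and a fresh Ethernet header. Untagged frames are treated as native VLAN 1, for which this configuration has no sub-interface, so they are dropped. The router MAC, the host MACs, the ARP cache and the sample packet are all assumed values constructed for the example.

```python
import ipaddress
import struct

TPID_8021Q = 0x8100
ETHERTYPE_IPV4 = 0x0800
NATIVE_VLAN = 1                               # untagged frames on a trunk belong to the native VLAN
ROUTER_MAC = bytes.fromhex("0000000000f0")    # assumed MAC of the router's FastEthernet0/0

# Sub-interfaces as configured in the text: VLAN id -> the router's address and mask.
SUBINTERFACES = {
    100: ipaddress.ip_interface("148.30.1.1/28"),
    200: ipaddress.ip_interface("148.30.1.17/28"),
    300: ipaddress.ip_interface("148.30.1.33/28"),
}


def mac(text):
    """'aabb.ccdd.eeff' or 'aa:bb:cc:dd:ee:ff' -> 6 bytes."""
    return bytes.fromhex(text.replace(".", "").replace(":", ""))


def ipv4_header(src_ip, dst_ip, data_len):
    """Just enough IPv4 header for the router to read the destination address
    (bytes 16 to 19); the checksum is left at zero in this example."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + data_len, 0, 0, 64, 0, 0,
                       ipaddress.ip_address(src_ip).packed,
                       ipaddress.ip_address(dst_ip).packed)


def untagged_frame(dst, src, ethertype, payload):
    return dst + src + struct.pack("!H", ethertype) + payload


def tag_frame(dst, src, vlan, ethertype, payload, priority=0):
    """802.1Q: a 4-byte tag (TPID 0x8100, then the TCI: 3-bit priority, DEI bit,
    12-bit VLAN id) inserted between the source MAC and the EtherType."""
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN ids 0 and 4095 are reserved")
    tci = ((priority & 0x7) << 13) | vlan
    return dst + src + struct.pack("!HHH", TPID_8021Q, tci, ethertype) + payload


def parse_frame(frame):
    """Return (dst, src, vlan, ethertype, payload); vlan is None when untagged."""
    dst, src = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype == TPID_8021Q:
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        return dst, src, tci & 0x0FFF, ethertype, frame[18:]
    return dst, src, None, ethertype, frame[14:]


def vlan_for(ip):
    """The VLAN whose subnet contains ip, or None if no sub-interface does."""
    addr = ipaddress.ip_address(ip)
    for vlan, iface in SUBINTERFACES.items():
        if addr in iface.network:
            return vlan
    return None


def route_on_a_stick(frame, arp_cache):
    """What the router does with a frame arriving on its single physical port.
    arp_cache maps destination IP (as a string) -> MAC and is assumed resolved."""
    dst, src, vlan_in, ethertype, packet = parse_frame(frame)
    if vlan_in is None:
        vlan_in = NATIVE_VLAN
    if vlan_in not in SUBINTERFACES:
        # No sub-interface for this VLAN (including untagged traffic on VLAN 1
        # with this configuration): the router has nowhere to deliver it.
        raise ValueError("dropped: no sub-interface for VLAN %d" % vlan_in)
    if dst != ROUTER_MAC or ethertype != ETHERTYPE_IPV4:
        raise ValueError("dropped: not an IPv4 packet addressed to the router")
    dst_ip = str(ipaddress.ip_address(packet[16:20]))
    vlan_out = vlan_for(dst_ip)
    if vlan_out is None:
        raise ValueError("dropped: no route to %s" % dst_ip)
    # Same physical interface out, new tag, new Ethernet header, IP packet untouched.
    return tag_frame(arp_cache[dst_ip], ROUTER_MAC, vlan_out, ETHERTYPE_IPV4, packet)


if __name__ == "__main__":
    # Constructed sample traffic: a host on VLAN 100 sends to a host on VLAN 200.
    host_a, host_b = mac("0000.0000.aa0a"), mac("0000.0000.bb0b")
    packet = ipv4_header("148.30.1.2", "148.30.1.18", 4) + b"ping"
    out = route_on_a_stick(tag_frame(ROUTER_MAC, host_a, 100, ETHERTYPE_IPV4, packet),
                           {"148.30.1.18": host_b})
    print(parse_frame(out)[2])      # 200
```

The point to notice is that the IP packet comes back out unchanged while everything at Layer 2 (tag, source MAC, destination MAC) is replaced; the VLAN a host is in is decided by the tag the switch puts on the frame, not by anything the host says.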


Address Resolution Protocol (ARP)

[Figure: hosts 148.43.200.2 and 148.43.200.5 and the router 148.43.200.1 on one segment, each holding an ARP CACHE]

  148.43.200.2:  I need the Ethernet address (MAC) for 148.43.200.5
  148.43.200.5:  I am IP address 148.43.200.5, my MAC address is 0800.0200.111
  ARP cache:     148.43.200.5 = 0800.0200.111

  148.43.200.2:  I need the Ethernet address (MAC) for 148.43.200.1
  148.43.200.1:  I am IP address 148.43.200.1, my MAC address is 0500.2132.452
  ARP cache:     148.43.200.1 = 0500.2132.452

ARP is used to resolve, or map, a known destination IP address (network layer) to a MAC address (data link layer). Remember that, as stated earlier, communication on Ethernet uses MAC addresses only. Since most of our data functions today, including routing, require IP addresses, we need a way to map IP to MAC. To determine the destination MAC for a datagram, the sending station first checks its internal ARP cache for a match. If there is no match, the sending station creates a packet with the broadcast destination address that asks, in effect, "I have this IP address; what is your MAC address?" Every machine on the network processes the packet, and the machine whose IP address matches the request responds, "I am the computer with this IP address; my MAC address is XXXX.XXXX.XXXX." The requesting computer stores the IP-to-MAC mapping in its ARP cache for later use, places the MAC address in the packet it is sending, and puts it on the wire. The receiving computer now has a packet addressed specifically to it. ARP cache entries are not permanent: over time they are removed if they have not been used. The timeout varies between operating systems and depends on how often the entry is used. Note also that nothing in this exchange is authenticated: a station caches whatever reply it receives, so any host on the segment is able to answer for any IP address.
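The following Python model is an added example, not part of the course material, of the exchange described above. It encodes and decodes the 28-byte ARP request and reply, keeps a per-host ARP cache whose entries expire, and applies the RFC 826 merge rule (refresh an entry you already have, add one only when the request is for you, which is why the router in the figure learns nothing from a request aimed at another host). The `conflicts` list is an added check: it records any reply that changes an existing mapping, which is the one thing a host can notice when a forged reply arrives. The IP addresses are those in the figure; the MAC addresses (written with the full 12 hex digits) and the 240-second timeout are assumed values for the example.

```python
import struct
import time

HTYPE_ETHERNET, PTYPE_IPV4 = 1, 0x0800
ARP_REQUEST, ARP_REPLY = 1, 2
ZERO_MAC = b"\x00" * 6


def ip4(text):
    """'148.43.200.5' -> 4 packed bytes."""
    return bytes(int(octet) for octet in text.split("."))


def mac(text):
    """'0800.0200.1111' or '08:00:02:00:11:11' -> 6 bytes."""
    return bytes.fromhex(text.replace(".", "").replace(":", ""))


def arp_packet(op, sender_mac, sender_ip, target_mac, target_ip):
    """The 28-byte ARP body for Ethernet/IPv4: hardware and protocol types and
    lengths, the opcode, then sender MAC, sender IP, target MAC, target IP."""
    return struct.pack("!HHBBH6s4s6s4s", HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, op,
                       sender_mac, sender_ip, target_mac, target_ip)


def parse_arp(data):
    fields = struct.unpack("!HHBBH6s4s6s4s", data[:28])
    if fields[:4] != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return fields[4:]          # op, sender MAC, sender IP, target MAC, target IP


class Host:
    """One station: its IP/MAC pair and an ARP cache whose entries expire."""

    def __init__(self, ip, hw, ttl=240, clock=time.monotonic):
        self.ip, self.mac, self.ttl, self.clock = ip4(ip), mac(hw), ttl, clock
        self.cache = {}         # packed IP -> (MAC, expiry time)
        self.conflicts = []     # (IP, old MAC, new MAC) each time a mapping changes

    def lookup(self, ip):
        """The MAC for ip if a live entry exists. Expired entries are dropped so
        that the next transmission triggers a fresh ARP request."""
        entry = self.cache.get(ip4(ip))
        if entry and entry[1] > self.clock():
            return entry[0]
        self.cache.pop(ip4(ip), None)
        return None

    def request(self, target_ip):
        """'Who has target_ip?' The Ethernet frame carrying it is sent to ff:ff:ff:ff:ff:ff."""
        return arp_packet(ARP_REQUEST, self.mac, self.ip, ZERO_MAC, ip4(target_ip))

    def receive(self, packet):
        """RFC 826 merge rule: refresh an existing entry for the sender, add a new
        one only if the packet is for us; answer requests for our own address."""
        op, sender_mac, sender_ip, _, target_ip = parse_arp(packet)
        if sender_ip in self.cache or target_ip == self.ip:
            self._learn(sender_ip, sender_mac)
        if op == ARP_REQUEST and target_ip == self.ip:
            return arp_packet(ARP_REPLY, self.mac, self.ip, sender_mac, sender_ip)
        return None

    def _learn(self, ip, hw):
        old = self.cache.get(ip)
        if old and old[0] != hw:
            # Added check: ARP carries no authentication, so a mapping that changes
            # under us is worth recording rather than accepting in silence.
            self.conflicts.append((ip, old[0], hw))
        self.cache[ip] = (hw, self.clock() + self.ttl)


def resolve(asker, target_ip, segment):
    """One ARP round trip on a shared segment: every station sees the broadcast,
    only the owner replies, the asker caches the answer. Returns the MAC learned."""
    request = asker.request(target_ip)
    for station in segment:
        if station is not asker:
            reply = station.receive(request)
            if reply is not None:
                asker.receive(reply)
    return asker.lookup(target_ip)
```

Run with a fake clock, the cache entry for 148.43.200.5 disappears once the timeout has passed and the next send re-ARPs; a later reply claiming 148.43.200.5 with a different MAC is accepted into the cache, exactly as the protocol requires, and shows up in `conflicts`.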


Serial Link Encapsulation

Layer two encapsulation on serial links.

Layer two protocols covered in this class:

• HDLC – High-Level Data Link Control
• PPP – Point-to-Point Protocol

Other layer two protocols not covered in this class:

• SLIP – Serial Line Internet Protocol
• LAPB – Link Access Procedure, Balanced (X.25)
• Frame Relay
• ATM – Asynchronous Transfer Mode

HDLC is the Cisco default encapsulation on point-to-point dedicated links and circuit-switched connections. Cisco HDLC is a bit-oriented synchronous data link protocol, and the Cisco variant is normally usable only between two Cisco devices. HDLC is not the protocol of choice in the tactical network. PPP provides router-to-router and host-to-network connections over synchronous and asynchronous circuits, and was designed to carry several Layer 3 network protocols. PPP is the protocol used in this class and is the recommended encapsulation for tactical high-speed data networks.


Serial Encapsulation With PPP

[Figure: the same IP packet shown at three points on its path, with the fields as drawn on the slide]

  On Ethernet:         D-MAC  S-MAC  08-00  S-IP  D-IP  5  6  25  32  DATA  CRC
  Inside the router:   S-IP  D-IP  5  6  25  32  DATA
  On the WAN link:     LCP  NCP  HA  S-IP  D-IP  5  6  25  32  DATA  FCS (Frame Check Sequence)

When a packet enters a router Ethernet port, the Layer 2 header is stripped off.

Before the packet is sent out a serial port, another Layer 2 header is placed on the packet. PPP provides the Layer 2 encapsulation for tactical networks.

Router serial port, WAN link: a serial port has no hardware address. PPP fills the address field of every frame with a binary sequence of all 1s.

Link Control Protocol (LCP); Network Control Protocol (NCP).

Functionally, the Point-to-Point Protocol is a data link protocol with network layer services. PPP is therefore broken into two sub-layers: the Network Control Protocol (NCP) and the Link Control Protocol (LCP).

Network Control Protocol – PPP uses an NCP to interface with the OSI network layer. There is one NCP per Layer 3 protocol, which is how PPP can carry IP, IPX and AppleTalk. An added feature of the NCP for IP (IPCP) is the ability to exchange network layer addresses with the directly connected neighbour, which is extremely important when loopback addresses and IP unnumbered interfaces are used. Note that this feature is not part of HDLC, the default encapsulation on all Cisco router serial ports.

Link Control Protocol – LCP handles the lower-level functions of PPP: setting up, maintaining and terminating the data link connection.

Other PPP features:

• Authentication: identifies and verifies the distant-end router so that only authorized connections are established. On Cisco routers this is PAP or CHAP. PAP sends the password across the link in clear text; CHAP answers a challenge with a hash and never puts the password on the wire, so CHAP is the one to use.

• Compression: to increase throughput on a link, compression and decompression can be run to reduce the amount of data in a frame. Two compression protocols available on Cisco routers are Stacker and Predictor.

• Error detection: every PPP frame carries a frame check sequence, giving the same CRC-based error detection that the FCS provides on Ethernet.

• Multilink PPP: bundles several PPP links into one logical link and spreads traffic across them, providing load balancing over router interfaces using PPP.


How It All Works Together

[Figure: Computer A (148.43.200.2) on the LAN of Router 1 (148.43.200.1); Router 1 and Router 2 joined by a PPP WAN link; Computer Z (199.20.100.5) on the LAN of Router 2 (199.20.100.1)]

  Computer A:  I need the Ethernet address (MAC) for 148.43.200.1, this is my gateway IP address.
  Router 1:    I am IP address 148.43.200.1, my MAC address is 0800.0200.111
  ARP cache at Computer A:   148.43.200.1 = 0800.0200.111

  Router 2:    I need the Ethernet address (MAC) for 199.20.100.5
  Computer Z:  I am IP address 199.20.100.5, my MAC address is 0500.0200.113
  ARP cache at Router 2:     199.20.100.5 = 0500.0200.113

  Packet information at Router 1        Packet information at Router 2
  Source IP:        148.43.200.2        Source IP:        148.43.200.2
  Destination IP:   199.20.100.5        Destination IP:   199.20.100.5
  Source MAC:       Computer A          Source MAC:       Router 2
  Destination MAC:  Router 1            Destination MAC:  Computer Z

  Encapsulation PPP on the WAN link: carries no information pertaining to the MAC address.

Computer A has a packet destined for Computer Z. Before Computer A can send the packet, it must first obtain the MAC address of its gateway. The gateway for a network is normally the IP address of the router Ethernet port connected to that network. Between a computer and a router on the same Ethernet network, communication is by MAC address only, so an ARP request is needed whenever the IP-to-MAC mapping is not already in the ARP cache. The router responds with its mapping, and Computer A builds a packet destined for Computer Z: the Layer 2 MAC addressing is from Computer A to Router 1, while the IP addressing is from Computer A to Computer Z. When the packet is received at Router 1, the Ethernet header is stripped off and a PPP header is added. Remember that routers route on IP addresses, and the packet carries no MAC addressing across the WAN link: when it arrives at Router 2, the only addressing information is the source and destination IP. Router 2 removes the PPP header and, from the destination IP address, determines whether the packet is destined for a network directly connected to it.


Router 2 then takes the destination IP address and looks it up in its ARP cache. If there is no match for Computer Z's IP address, the router sends an ARP request; Computer Z responds, and the IP-to-MAC mapping is placed in the router's ARP cache. Router 2 then puts a new Ethernet header on the packet: source MAC Router 2, destination MAC Computer Z, while the source IP remains Computer A and the destination IP remains Computer Z.
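The following Python script is an added example, not part of the course material, that carries one packet from Computer A to Computer Z through the two routers described above and on the "Serial Encapsulation With PPP" page, recording the Layer 2 addressing at each hop. It builds a real IPv4 header (with checksum, and with the TTL decremented by each router), strips the Ethernet header at Router 1, wraps the packet in a PPP frame (flag, all-ones address, control 0x03, protocol 0x0021 for IPv4, 16-bit FCS, flag) for the WAN link, and at Router 2 checks the PPP FCS and puts on a new Ethernet header. The IP addresses are those in the figure; the MAC addresses, the /24 masks and Router 2's already-resolved ARP cache are assumed values for the example. Byte stuffing of the PPP flag character is omitted.

```python
import ipaddress
import struct

ETHERTYPE_IPV4 = 0x0800
PPP_FLAG, PPP_ADDRESS, PPP_CONTROL, PPP_PROTOCOL_IPV4 = 0x7E, 0xFF, 0x03, 0x0021
LAN_Z = ipaddress.ip_network("199.20.100.0/24")   # Router 2's LAN; the /24 is assumed
# Assumed MAC addresses for the two hosts and the two router Ethernet ports.
MAC = {"A": bytes.fromhex("080002000002"), "R1": bytes.fromhex("080002000111"),
       "R2": bytes.fromhex("050002000101"), "Z": bytes.fromhex("050002000113")}


def ip_checksum(header):
    """Ones'-complement sum of the ten 16-bit header words, complemented. Run over
    a header whose checksum field is already filled in, it returns 0."""
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4_packet(src_ip, dst_ip, data, ttl=64):
    """IPv4 header without options, with a correct checksum, followed by data."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(data), 0, 0, ttl, 0, 0,
                         ipaddress.ip_address(src_ip).packed,
                         ipaddress.ip_address(dst_ip).packed)
    return header[:10] + struct.pack("!H", ip_checksum(header)) + header[12:] + data


def ip_fields(packet):
    """(source IP, destination IP, TTL) read straight from the header."""
    return (str(ipaddress.ip_address(packet[12:16])),
            str(ipaddress.ip_address(packet[16:20])), packet[8])


def decrement_ttl(packet):
    """Every router does this before forwarding, so the checksum must be redone."""
    if packet[8] <= 1:
        raise ValueError("TTL expired in transit")
    header = packet[:8] + bytes([packet[8] - 1]) + packet[9:10] + b"\x00\x00" + packet[12:20]
    return header[:10] + struct.pack("!H", ip_checksum(header)) + header[12:] + packet[20:]


def ethernet(dst_mac, src_mac, packet):
    return dst_mac + src_mac + struct.pack("!H", ETHERTYPE_IPV4) + packet


def strip_ethernet(frame, my_mac):
    """A NIC accepts a frame only when the destination MAC is its own."""
    if frame[:6] != my_mac or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame addressed to this port")
    return frame[14:]


def ppp_fcs16(data):
    """The 16-bit FCS of RFC 1662 (CRC-CCITT in its bit-reversed form)."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs ^ 0xFFFF


def ppp(packet):
    """PPP in HDLC-like framing: flag, all-ones address (nobody to address on a
    point-to-point link), control 0x03, protocol 0x0021 for IPv4, the packet,
    FCS, flag. There is no MAC address anywhere in it."""
    body = bytes([PPP_ADDRESS, PPP_CONTROL]) + struct.pack("!H", PPP_PROTOCOL_IPV4) + packet
    return bytes([PPP_FLAG]) + body + struct.pack("<H", ppp_fcs16(body)) + bytes([PPP_FLAG])


def strip_ppp(frame):
    body, (fcs,) = frame[1:-3], struct.unpack("<H", frame[-3:-1])
    if frame[0] != PPP_FLAG or frame[-1] != PPP_FLAG or ppp_fcs16(body) != fcs:
        raise ValueError("PPP frame discarded: bad framing or FCS")
    if body[:4] != bytes([PPP_ADDRESS, PPP_CONTROL]) + struct.pack("!H", PPP_PROTOCOL_IPV4):
        raise ValueError("PPP frame discarded: not IPv4")
    return body[4:]


def deliver(frame_from_a, arp_cache_r2):
    """Follow one packet from Computer A to Computer Z. Returns the per-hop trace
    (hop, destination MAC, source MAC, source IP, destination IP, TTL), the WAN
    frame and the final LAN frame. arp_cache_r2 maps IP -> MAC at Router 2 and is
    assumed to have been filled by the ARP exchange described in the text."""
    packet = strip_ethernet(frame_from_a, MAC["R1"])        # R1's LAN port accepts it
    trace = [("A->R1 Ethernet", frame_from_a[:6], frame_from_a[6:12]) + ip_fields(packet)]
    dst_ip = ip_fields(packet)[1]
    if ipaddress.ip_address(dst_ip) not in LAN_Z:
        raise ValueError("Router 1 has no route to %s" % dst_ip)
    wan_frame = ppp(decrement_ttl(packet))                  # Ethernet header off, PPP header on
    trace.append(("R1->R2 PPP", None, None) + ip_fields(strip_ppp(wan_frame)))
    packet = decrement_ttl(strip_ppp(wan_frame))            # R2: bare IP packet, one more hop
    lan_frame = ethernet(arp_cache_r2[dst_ip], MAC["R2"], packet)   # new header: R2 -> Z
    trace.append(("R2->Z Ethernet", lan_frame[:6], lan_frame[6:12]) + ip_fields(packet))
    return trace, wan_frame, lan_frame


if __name__ == "__main__":
    frame = ethernet(MAC["R1"], MAC["A"], ipv4_packet("148.43.200.2", "199.20.100.5", b"hello"))
    for hop in deliver(frame, {"199.20.100.5": MAC["Z"]})[0]:
        print(hop)
```

The trace shows the source and destination IP unchanged at every hop while the MAC pair is A/Router 1 on the first LAN, absent on the PPP link, and Router 2/Z on the second LAN; the only things a router changes in the IP header are the TTL and, as a consequence, the checksum.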


Internetworking Concepts

Review Questions


1. What are the 3 layers in a hierarchical network design?
   A) Corps, Division, Battalion   B) Access, Distribution, Core   C) Routers, Switches, Hubs   D) Core, Access, Dissemination

2. Name the basic components of IP packet design.
   A) Payload, CRC, IP Address   B) Source MAC, Destination MAC   C) Header, Data, Trailer   D) Source IP, Destination IP, Header

3. On a 10 Mbps Ethernet segment there are no collisions, because data is transferred so quickly that no two packets are on the segment at the same time.
   A) True   B) False

4. Routers can perform Layer 3 to Layer 2 address resolution.
   A) True   B) False

5. Packets on an Ethernet segment: (Choose 2)
   A) Can be addressed to all hosts on the segment   B) Can only have one destination address or the packet will be dropped   C) Are examined by all hosts on the segment   D) Are always unicast

6. The easiest way to change a computer's MAC address is to:
   A) Click on Network Neighborhood and select "Change MAC"   B) Manually reconfigure the ARP cache on the gateway router   C) Insert a different Network Interface Card   D) When using DHCP, simply reboot and your machine will be issued a new MAC from the address pool

7. Logical addressing is a function of this layer in the OSI model.
   A) 7   B) 2   C) 5   D) 3

8. TCP is regarded as a connection-oriented protocol because: (Choose 2)
   A) It can retransmit data lost during transmission   B) Network devices using TCP must be directly connected to a TCP server   C) TCP can only be used on devices that are connected to a common LAN   D) TCP provides guaranteed, sequential data delivery between two network devices

9. Internet Protocol addresses, and other logical addresses, are structured so that they can:
   A) Guarantee packets are delivered intact to the destination   B) Retransmit lost or damaged packets   C) Identify network information to Layer 3 devices, allowing path determination choices to be made   D) Prevent collisions from occurring on LAN segments

10. The data link layer examines MAC addresses and performs what other important function?
   A) Error detection   B) Data encryption   C) Logical Link Control   D) Examines the packets to determine the transport protocol being used

11. This layer converts the bits into electrical signals in a wire, or photons of light in optical fiber systems.
   A) Network   B) Data Link   C) FDDI   D) Physical

12. Data encryption or compression, if used, occurs at this layer.
   A) Network   B) Application   C) Session   D) None of the above

13. This layer provides fair access to the media so that no single station monopolizes the transmission media.
   A) Physical   B) Transport   C) Data Link   D) Session

14. This layer can establish reliable, acknowledged connections through an ongoing "conversation" with the remote system.
   A) Network   B) Session   C) Transport   D) Internet

15. A packet addressed to 172.16.1.2 port 23 from 172.16.1.1 port 1046 is an example of what type of connection request?
   A) HTTP server request   B) Telnet session   C) ARP request   D) SMTP service request

16. The process of formatting data so that it can traverse networks and be read at the destination is known as:
   A) Fragmentation   B) Encoding   C) Upper Layer Address Transfer   D) Encapsulation

17. Considered connectionless, this transport protocol relies on "best effort" to deliver packets across the network.
   A) UDP   B) PPP   C) EGP   D) BGP4

18. An Ethernet header with a destination address field of all F's indicates the packet could be which of the following?
   A) An echo reply packet   B) A directed broadcast   C) A multicast packet   D) A local broadcast

19. The source MAC address of an Ethernet frame can be unicast, multicast, or broadcast.
   A) True   B) False   C) Depends on the transport protocol   D) Only if the packet originated from the router

20. The CRC portion of a packet:
   A) Identifies the destination port of the packet   B) Provides error detection   C) Provides packet encryption   D) Indicates round-trip time

21. When a device receives a packet, this process allows the data portion to reach the correct application layer function.
   A) Data Forwarding Protocol   B) Transport Packet Flow Process   C) Decapsulation   D) Simple Packet Transfer

22. In the TCP/IP protocol stack, this layer is responsible for choosing the best path from source to destination.
   A) Network   B) Host-to-Host   C) IP   D) Internet

23. Echo request, echo reply, and trace are messages utilized by what protocol?
   A) SNMP   B) ICMP   C) RARP   D) ARP

24. An IP packet with a protocol ID of 6 in the protocol field indicates that the data portion of this packet is using what protocol?
   A) OSPF   B) UDP   C) IPX   D) TCP

25. How many bits are contained in the source address field of an IP packet?
   A) 1518   B) 64   C) 32   D) 1024

26. Ring topology is not widely used because of the great number of collisions that occur when more than 10 devices are connected to the network.
   A) True   B) False

27. Because a hub is a Layer 1 device, it can isolate which of the following?
   A) Broadcast domains   B) ARP storms   C) Collision domains   D) None of the above

28. A router with "ip directed-broadcast" enabled on all ports will forward packets with which of the following destination addresses?
   A) 148.43.254.254 255.255.255.0   B) 255.255.255.255   C) 178.21.255.255 255.255.0.0   D) 0.0.0.0.0.0.0.0

29. In a bus topology, which device absorbs electrical signals in order to clear the bus so computers can send data?
   A) Network Interface Card   B) Terminator   C) T-connector   D) Repeater

30. All devices sharing the same LAN segment also share:
   A) The same collision domain only   B) The same broadcast domain only   C) The collision and broadcast domain   D) The same administrative domain

31. RJ-45 refers to:
   A) The type of cable used for LAN connections   B) The connector specification   C) 8-wire cable and connector   D) 6-wire cable and connector

32. Layer 2 switches separate:
   A) Collision domains   B) Local broadcast domains   C) Directed broadcast domains   D) All of the above

33. This protocol is used to determine the media-specific data link address that corresponds to a given IP address.
   A) ICMP   B) SNMP   C) Source-route protocol   D) ARP

34. This network device can separate collision and broadcast domains, and connect media types that have different data link framing.
   A) Network server   B) Router   C) Source-route bridge   D) Intelligent hub

35. When configuring a Cisco router, if you do not specify PPP as the Layer 2 encapsulation for point-to-point serial links, it will default to which protocol?
   A) SLIP   B) ATM   C) HDLC   D) Frame Relay


Layer 2 Switching


What is Ethernet Switching?

[Slide figure: the evolution from RG-58 and terminators, to CAT-5 and a hub, to bridges that separate collision domains, to switching.]

Ethernet switching evolved from a need to provide high-speed access and geographical separation on local area networks. Initial networks provided access through RG-58 thinnet cable, T-connectors, and terminators. Disadvantages of this type of network were quickly realized. For example, if a break or disconnect occurred anywhere along the cable segment, the entire network would be disabled. The next major evolution of Local Area Network access involved the introduction of hubs and Category 5 cable. The hub provided a central point for connection of all user devices. The hub, however, worked only at layer 1 and simply passed all information received on one port out all others. Congestion of Local Area Networks drove the development of bridges that allowed the isolation of traffic between segments of the LAN. This was accomplished by allowing the bridge to examine the frame (layer 2) header and determine the source (MAC address) of the traffic. The bridge could then build a table that would show the topology, and traffic could be filtered to flow only to the needed segments. This is termed separating “collision domains”. Bridges initially were nothing more than a computer with two LAN cards installed and specialized software that built the table and queried it to control the traffic between segments of the network. This was often slow and costly to implement.


As technology evolved and the cost came down, the mechanism of bridging could be placed directly on each port of the bridge. This was accomplished utilizing ASIC (application specific integrated circuits) and allowed a bridge to now have many ports, each of which had the capability to separate collision domains. This new implementation is what is now termed “switching”.


What is Switching?

1. Hubs operate at Layer 1.

2. Layer 2 LAN Switches and Bridges operate at Layer 2 of the OSI reference model.

3. Switches and Bridges must have more intelligence in order to examine the Layer 2 Frame.

4. The Source and Destination MAC addresses are examined.

5. A Table can be built from the Source addresses that enables the Switch or Bridge to “decide” which ports the traffic needs sent out.

6. From this point a frame can be “switched” from one port to another.

Hubs operate at Layer 1, meaning they do not examine any headers. They simply regenerate the electrical signals received out all other ports. Layer 2 LAN Switches and Bridges operate at Layer 2 of the OSI reference model, meaning the frame received is actually examined for information so the frame can be sent to the appropriate location. Switches and Bridges must have more intelligence in order to examine the Layer 2 frame. This implies processing power and storage capabilities. The Source and Destination MAC addresses are examined, as well as some optional trunking and VLAN information. A Table is built from the Source addresses, which enables the Switch, or Bridge, to “decide” which ports the traffic must be sent out.


Switch use in Topology

[Slide figure: a switch as the multi-access point for users, a hub providing multi-access on one switch port, and two switches joined by a crossover cable.]

A switch or bridge learns of the MAC addresses attached to each port by listening to the traffic and examining the source MAC address of the incoming frame. The MAC addresses to port mappings are stored in a MAC database. The database is commonly referred to as the MAC table or the Content-addressable memory (CAM table). When a frame is received by the switch or bridge, the MAC table is consulted to determine the port that can reach the station identified in the destination portion of the frame. If the destination MAC is found in the MAC table the frame is transmitted on only the port listed. If the destination MAC is not found the frame is transmitted on all outgoing ports except on the one from which it was received.


Modes of Switching

Cut Through: the switch checks the frame header for the destination MAC and immediately begins forwarding the frame. Fastest, but no error checking.

Store & Forward: the entire frame is read into memory and the FCS is checked, as well as the destination MAC, before the frame is forwarded. Slow, but has error checking.

Fragment Free: only the first 64 bytes are read to determine the destination MAC; the switch then immediately begins forwarding the frame. Collisions occur within the time required to read 64 bytes. Fast, with error checking.

Cut Through

In the cut through mode, the switch or bridge checks the destination address as soon as the header is received and immediately begins forwarding the frame. There is a significant decrease in latency compared with the store and forward mode. The delay in cut through switching remains constant regardless of frame size because this switching mode starts to forward the frame as soon as the switch or bridge reads the destination addresses. In some switches and bridges, only the destination addresses are read. Some switches and bridges continue to read the FCS and keep a count of errors. Although the switch or bridge will not stop an errored frame, if the error rate is too high, the switch or bridge can be set, manually or automatically, to use the store and forward mode instead. This is often known as “adaptive cut through”. It combines the low latency advantage of cut through and the error protection offered by store and forward.

Store and Forward

In the store and forward mode, the switch or bridge receives the complete frame, and then forwards it. The destination and source addresses are read, the Frame Check Sequence is performed, the relevant filters are applied, and the frame is forwarded. If the FCS is bad, the frame is discarded. Latency through the switch or bridge varies with frame length.


Fragment Free

In the fragment free mode, the switch or bridge will read the first 64 bytes, which is the minimum Ethernet frame size, before forwarding the frame. Usually, collisions happen within the first 64 bytes of a frame. When a collision occurs, a fragment (a frame less than 64 bytes) is created. By reading 64 bytes, the switch or bridge can filter out collisions. The fragment free mode has higher latency than the cut through mode. Fragment free can detect fragment frames and discard them rather than forwarding them, in contrast to cut through, which will forward fragmented frames if the destination address exists. Switching mode can be verified by using the “show port system” command.


Building the MAC Database

[Slide figure: a switch with stations AAAA.AAAA.AAAA, BBBB.BBBB.BBBB, CCCC.CCCC.CCCC and DDDD.DDDD.DDDD attached to ports E-0 through E-3; the MAC database is empty, and a frame from AAAA.AAAA.AAAA is flooded out every other port.]

Initially the switch MAC Database will be empty. Each frame received will be flooded out all ports. As MAC addresses are mapped to ports the switch can “learn” the port to forward the frame on.

A switch or bridge maintains a MAC Database to track the locations of devices that are connected to it. The size of the MAC Database varies on the hardware. The Catalyst 2950 series can hold up to 8192 entries. When a switch or bridge is first initialized, the MAC Database is empty. When the Database is empty, the switch or bridge must forward each frame to all connected ports other than the one on which the frame arrived. Forwarding a frame to all connected ports except the port on which the frame arrived is termed “flooding.” Flooding is the least efficient way to transmit data across a switch or bridge because it wastes bandwidth.


[Slide figure: the same switch after learning; the MAC database now maps AAAA.AAAA.AAAA to E-0, BBBB.BBBB.BBBB to E-1, CCCC.CCCC.CCCC to E-2 and DDDD.DDDD.DDDD to E-3, and a frame is forwarded out the single matching port.]

As traffic is heard on each port the switch can “MAP” the MAC to the port. All further communications will be sent directly from one port to another and not flooded out all ports.

Building the MAC Database

As traffic is generated and received on each switch port, it is stored in temporary buffer space while the MAC Database is checked for an entry that matches the destination MAC received in the frame. When there is no match, the switch must perform two operations: 1) populate the MAC Database by “learning” the source address and associating it with the port on which the frame was received, and 2) flood the frame out all other ports. A MAC Database entry is created, which stays in the MAC Database up to the age time (default 300 seconds on a 2950 series switch). If station A does not transmit another frame to the switch before the age time expires, that entry will not be refreshed and will be removed from the database. Because the MAC address table has a limited size, the age time helps to limit flooding by remembering the most active stations on the network. The age time also accommodates station moves. Aging allows the switch or bridge to forget an entry about a station that has been removed. If a station is moved from one port to another port, the switch or bridge will immediately learn the new location of the station as soon as that station begins to transmit frames to the switch or bridge on the new port.


Broadcast and Multicast

Broadcast and Multicast frames may be of interest to all stations, therefore the switch normally “floods” the frame out all ports.

[Slide figure: the switch with a fully populated MAC database (AAAA.AAAA.AAAA on E-0, BBBB.BBBB.BBBB on E-1, CCCC.CCCC.CCCC on E-2, DDDD.DDDD.DDDD on E-3); a broadcast frame is flooded out every port except the one it arrived on.]

Broadcast and multicast frames are a special case. Because broadcast and multicast frames may be of interest to all stations, the switch or bridge normally floods broadcast and multicast to all ports other than the originating port. A switch or bridge never learns a broadcast or multicast address because broadcast and multicast addresses never appear as the source address of a frame.


Switch and Hub

[Slide figure: stations AAAA.AAAA.AAAA and BBBB.BBBB.BBBB on ports E-0 and E-1; stations CCCC.CCCC.CCCC and DDDD.DDDD.DDDD share port E-2 through a hub, so the MAC database maps both of them to E-2.]

In this scenario, the switch has a fully populated MAC Database, which shows that station C and D are connected to the same port. For traffic from C to D or D to C, the switch will not forward the frame to any other ports. Additionally, any traffic destined for MACs C or D will both be forwarded out port 2.
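The learn / flood / forward / filter behaviour described in the MAC Database, Broadcast and Multicast, and Switch and Hub sections above, as an added example (not course code). Station addresses are constructed locally administered unicast MACs, since the slides' AAAA.AAAA.AAAA style labels are illustrative; the 300 second age time is the Catalyst 2950 default quoted in the notes.

```python
"""Added example: a minimal model of a transparent bridge's MAC database."""
from dataclasses import dataclass
from typing import Dict, List, Tuple

BROADCAST = "FFFF.FFFF.FFFF"


def is_group_address(mac: str) -> bool:
    """True for broadcast and multicast: the I/G bit (least-significant bit of
    the first byte) is set. Such addresses never appear as a frame's source,
    so they are never learned."""
    hex_digits = mac.replace(".", "").replace("-", "").replace(":", "")
    return bool(int(hex_digits[:2], 16) & 0x01)


@dataclass
class Frame:
    src: str
    dst: str


class Switch:
    """MAC database keyed by source address, with aging of silent stations."""

    def __init__(self, ports: List[str], age_time: int = 300) -> None:
        self.ports = list(ports)
        self.age_time = age_time
        # mac -> (port it was heard on, time it was last seen)
        self.table: Dict[str, Tuple[str, int]] = {}

    def _age_out(self, now: int) -> None:
        """Drop entries whose station has been silent for the age time."""
        expired = [m for m, (_, seen) in self.table.items()
                   if now - seen >= self.age_time]
        for mac in expired:
            del self.table[mac]

    def receive(self, in_port: str, frame: Frame, now: int = 0) -> List[str]:
        """Process one frame and return the list of ports it is sent out on."""
        self._age_out(now)
        # Learning: map the source MAC to its arrival port. A station that has
        # moved is relearned on the new port as soon as it transmits.
        if not is_group_address(frame.src):
            self.table[frame.src] = (in_port, now)
        # Broadcast / multicast destinations are always flooded.
        if is_group_address(frame.dst):
            return self._flood(in_port)
        entry = self.table.get(frame.dst)
        if entry is None:
            return self._flood(in_port)      # unknown unicast: flood
        out_port, _ = entry
        if out_port == in_port:
            return []                        # same segment (hub): filter
        return [out_port]                    # known unicast: forward

    def _flood(self, in_port: str) -> List[str]:
        """Every port except the one the frame arrived on."""
        return [p for p in self.ports if p != in_port]


# Constructed station addresses standing in for the slides' A, B, C and D.
A, B, C, D = "0200.0000.00AA", "0200.0000.00BB", "0200.0000.00CC", "0200.0000.00DD"

if __name__ == "__main__":
    sw = Switch(["E-0", "E-1", "E-2", "E-3"])
    print(sw.receive("E-0", Frame(A, B)))         # empty table: flooded
    print(sw.receive("E-1", Frame(B, A)))         # A known: E-0 only
    print(sw.receive("E-1", Frame(B, BROADCAST))) # broadcast: flooded
    print(sw.table)
```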


Problems in Redundant Networks

Broadcast Storms, Multiple frame transmissions, MAC table instability

It is common in network design to implement redundancy to reduce outages during equipment failures. While these designs may eliminate the possibility that a single point of failure will result in loss of function for the entire switched network, problems that can occur with redundant designs must be taken into consideration. A common problem is a “broadcast storm.” This occurs when each switch on a redundant network floods broadcast frames endlessly. Switches flood broadcast frames to all ports except the one on which the frame was received.

Broadcast storms: Without some loop avoidance process in operation, each switch will flood broadcasts endlessly. This situation can be catastrophic, as it will eventually consume all bandwidth.

Multiple frame transmissions: Multiple copies of unicast frames may be delivered to destination stations. Many protocols expect to receive only a single copy of each transmission. Multiple copies of the same frame may cause unrecoverable errors.

MAC table instability: Instability in the MAC table results from copies of the same frame being received on different ports of the switch. Data forwarding may be impaired when the switch consumes the resources that are coping with instability in the MAC table.


Broadcast Storm Example

[Slide figure: host A on Segment 1; switches SW-A and SW-B both connect Segment 1 to Segment 2, forming a loop.]

Redundancy eliminates single points of failure. GOOD

Redundancy causes broadcast storms, multiple frame copies, and MAC Database instability!!! BAD

Using the above diagram, consider the following: When host A sends a broadcast frame, such as an ARP (address resolution protocol) for its default gateway (router supporting the LAN), the frame will be received at SW – A. Switch A examines the destination address field in the frame and determines that the frame must be flooded onto all other ports or out to segment 2. When this copy of the frame arrives at switch B, the process repeats, and a copy of the frame is transmitted back onto segment 1. Because the original copy of the frame also arrives at SW – B via Segment 1, these frames travel around the loop in both directions, even after the destination station has received the frame.


Spanning Tree

Spanning Tree Protocol (STP) is a loop prevention protocol.

It communicates with other switches to discover physical loops.

Specifies an algorithm to create a loop free logical topology.

[Slide figure: SW 1 connected to SW 2 and SW 3, which are also connected to each other; the SW 2 to SW 3 link is marked X, Port Blocked by STP.]

STP allows all the switches within a topology to decide on a common reference point (root). Once the root is designated, all switches determine the best path to the root. Ports that are not part of this best path are then blocked, thereby preventing switch loops. The most common reason a loop occurs in a network is as a result of an attempt to provide redundancy (if link A fails then link B takes over). They can and often do occur by mistake. Loops in a layer 2 network can be disastrous.


Elements used by STP

Two Key Spanning-Tree Protocol Concepts

1. Bridge IDs: An 8-byte field composed of a Bridge Priority and MAC.

2. Path Costs: Cumulative numerical cost to evaluate how close this switch is to other bridges.

The spanning tree protocol makes extensive use of two key concepts when creating a loop-free topology:

1. Bridge ID 2. Path Costs.

The Bridge ID is a single, 8-byte value, defined for use by Spanning Tree Protocol, which represents a bridge or switch. The first 2 bytes consist of a priority value, and the last 6 bytes typically consist of a MAC address on the bridge or switch. By default, the priority field is set to 32768, which is centered between the lowest value of 0 and the highest value of 65535. The lower the value, the higher the priority, which gives the switch a better chance of becoming the root. Path Cost is the cost to reach the root from this switch or bridge. The lower the path cost the better the path, with a range of costs being between 0 and 65535. Costs are set based on the actual link speed.


[Slide figure: the Bridge ID shown as two fields, the Bridge Priority (range 0 – 65535, default = 32768) followed by the MAC address assigned to the switch.]

This is the MAC address assigned to the Switch, not one of the ports on the switch.

The Bridge ID is an 8-byte field composed of the Bridge Priority and the MAC assigned to the Switch. The Bridge Priority field consumes two of the 8 bytes. Since two bytes represent 16 bits, it can be determined that the range can be from 0 through 65,535. By default, the priority is set to the middle of the range, resulting in a default value of 32768. The MAC address can come from various sources dependent on hardware. Typically, this address is from the backplane, but can be from the supervisor module in some of the multilayer switches.


Path Cost

Speed          Cost
Above 10 Gbps  1
10 Gbps        2
1 Gbps         4
622 Mbps       6
155 Mbps       14
100 Mbps       19
45 Mbps        39
16 Mbps        62
10 Mbps        100
4 Mbps         250

Initially the method to calculate the cost of a link was based on the formula of 1000 Mbps divided by the bandwidth of the link in Mbps. For example, a 10BaseT link has a cost of 100 (1000 Mbps / 10 = 100). Fast Ethernet, or 100BaseFX, would have a cost of 10 (1000 Mbps / 100 = 10). This formula worked well until the rise of bandwidths above a Gigabit, which resulted in all bandwidths above 1 Gigabit receiving a cost of 1. The solution was that the IEEE manually set the cost to use a non-linear scale, which is not set to a specific formula. The costs are set as displayed in the slide above.


BPDU

Bridge Protocol Data Unit

Used by the Switch as the mechanism to communicate with other switches that are directly connected.

Port ID – Defines what port on the sender that this BPDU originated.

Sender BID – Defines the BID of the switch who sent this BPDU.

Root Path Cost – Identifies the total path cost (BW) to the root bridge.

Root BID – Identifies the BID of the Root Bridge as determined by the switch that originates the BPDU.

BPDUs are special packets that bridges use to exchange topology and spanning tree information with each other. BPDUs are by default sent out every two seconds. BPDUs are switch to switch and they do not carry any end user traffic. At a minimum, the BPDU contains the following:

˚ Root BID – Identifies the BID of the Root Bridge as determined by the switch that originates the BPDU.

˚ Root Path Cost – Identifies the total path cost (BW) to the root bridge.

˚ Sender BID – Defines the BID of the switch who sent this BPDU.

˚ Port ID – Defines what port on the sender that this BPDU came from.

Remember that the Root BID is the bridge ID of the current Root and the Sender BID is the bridge ID of the local switch.


Convergence Factors

1. Lowest Root BID

2. Lowest Path Cost to Root

3. Lowest Sender BID

4. Lowest Port ID

A switch uses a four-step process to save a copy of the best BPDU seen on every port. When making this evaluation, it considers all of the BPDUs received on the port as well as the BPDU that would be sent on that port. As each BPDU arrives, it is checked against this four-step process to see if it is more desirable (lower in value) than the existing BPDU saved for that port. If the new BPDU is more desirable, the old value is replaced. The practice of saving the best BPDU also controls the sending of BPDUs. When a switch first becomes active, all of its ports send BPDUs every 2 seconds until it hears a BPDU from another switch that is more desirable than the one it has been sending. If it hears a more desirable BPDU, the local port stops sending BPDUs. If the more desirable BPDU stops arriving from a neighbor for more than 20 seconds (the default), the local port can resume sending BPDUs. The four factors above are applied to the STP convergence process (4 steps) to determine the Root Bridge, root ports, designated ports, and blocked ports. Follow-on factors are only utilized if a tie is encountered. Example: when comparing two BPDUs, the path cost factor is only utilized if the Root BIDs are the same (tie).


STP Convergence Steps

Step 1. Elect one Root Bridge

Step 2. Elect Root Ports

Step 3. Elect Designated Ports

Step 4. Block All other Ports

The initial convergence of STP can be broken down into four steps:

1. Elect one Root Bridge 2. Elect Root Ports 3. Elect Designated Ports 4. Block All other Ports

When the network first starts, all of the bridges are announcing a mix of BPDU information. The bridges immediately begin applying the four-step process that allows the bridges to home in on the set of BPDUs that form a single tree spanning the entire network. A single Root Bridge is elected to act as the core of the tree (Step 1). The remaining switches must calculate a set of Root Ports (Step 2) and designated ports (Step 3) to build a loop-free topology. The four factors from the previous page are utilized for each step above. Follow-on factors are only used in case of a tie.


STP States

State       Purpose
Disabled    Administratively down
Blocking    Receives BPDUs only
Listening   Determining loop free topology
Learning    Building the MAC database
Forwarding  Sending and receiving user data

Initially, all switch ports begin in the blocking state, where they listen for BPDUs. When the first switch boots up, it thinks it is the root, and will transition to the listening state. The period of time without BPDUs that a port waits is called the MAXAGE, which by default is 20 seconds. If a port is in the blocking state and does not receive a new BPDU within this time, the switch will transition it from blocking to listening. When a port is in the listening state, it is able to send and receive BPDUs to determine the loop free topology. At this point no user data is being passed. During the listening state, the bridge performs the four steps needed to converge. The time it takes for a port to transition from the listening state to the learning state, or from learning to forwarding, is called the forward delay. The value by default is 15 seconds. The learning state reduces the amount of flooding required when data forwarding begins. If a port is a designated port or a root port at the end of the learning state, it will transition to forwarding.


Step 1 Elect A Root Bridge

Each switch starts assuming it is the Root.

BPDU is created announcing itself as root and sent out all ports every 2 seconds.

As other switches receive the BPDUs they will either agree or disagree with the root based on its knowledge of the root (lowest BID).

Each switch begins by claiming to be the root bridge and as such develops and transmits out all ports, a BPDU every two seconds announcing the following:

˚ Who the Switch is

˚ Who the root is

˚ The cost to get to the root

Based on the information contained in the BPDU, the receiving switch can make a comparison between other BPDUs previously received to determine its own best path to the root.


Election of Root Switch

[Slide figure: SW 1 (MAC 11-11-11-11-11-11), SW 2 (MAC 22-22-22-22-22-22) and SW 3 (MAC 33-33-33-33-33-33), all at the default priority of 32768.]

When a Switch first boots it always places its BID in both the Root BID and Sender BID fields of the BPDU. This effectively states that each switch begins by believing it is the root. Example, suppose SW 2 boots first, a few minutes later SW 3 boots and announces itself as the Root Bridge. When SW 3’s BPDU arrives at SW 2, it is ignored, because SW 2 has a lower BID. When SW 3 receives a BPDU from SW 2 it will learn that it is not the root and will announce all following BPDUs indicating SW 2 as the root. When SW 1 joins the network, the process is repeated with SW 2 now releasing the root responsibility to SW 1.


All the Root Switch Ports

After winning the election of Root Switch, all of its assigned ports will become designated ports, meaning they will “forward traffic or frames”.

[Slide figure: SW 1 as Root, with both of its ports toward SW 2 and SW 3 labelled Designated Ports.]

The term Designated port implies that STP has compared the cost from all ports with connectivity to a particular segment or (LAN) and has determined that the port with the lowest cost to get to the root should be the switch that provides service for user data on that segment. In the case above it is obvious that all ports on the root switch itself will have the lowest cost to reach the root.


Step 2 Elect Root Ports

Every Non-root switch must select one root port.

The Root Port is the port that is closest (in terms of cost) to the Root Switch.

The cost is cumulative of all links to the root and is reported in the BPDUs originated from the Root Switch.

If costs are equal, the switch will choose the lowest sender BID (remember the four factors for a STP choice).

The process of choosing the root bridge begins with all bridges claiming to be the root by sending hello BPDUs with their bridge IDs and priorities. If a bridge hears of a better candidate, it stops advertising itself as root and starts forwarding the hello sent by the better bridge.


Election of Root Ports

[Slide figure: SW 1 (Root) connected to SW 2 and SW 3, and SW 2 connected to SW 3, each link with Cost = 19. SW 1 sends BPDUs with cost 0; SW 2 and SW 3 each receive cost 0 and increment it to 19; SW 2 relays a BPDU with cost 19 to SW 3, which increments it to 38.]

Switch 3 chooses its root port by choosing between the two received BPDUs. The lowest cost wins.

When SW 1 (root) sends out BPDUs, they contain a Root Path Cost of 0. When SW 2 receives this BPDU, it adds the Path Cost to the Root Path Cost contained in the received BPDU. SW 2 then uses the value of 19 internally and sends BPDUs with a Root Path Cost of 19 out its other ports. When SW 3 receives this BPDU, it increases the Root Path Cost to 38. SW 3 is also receiving BPDUs from the Root with a cost of 0, and SW 3 must increase the cost to 19 internally. At this point SW 3 must decide on a single Root Port, in which case it selects the port on which it received the BPDU that incremented to 19.


Step 3 Elect Designated Ports

Each segment (LAN) must have a designated port.

The designated port is on the switch responsible for sending and receiving traffic on that link.

If only one port handles traffic for each link there can be no loops.

Each segment (LAN) in a switched network has one designated port. This port will function as the single switch port that both sends and receives traffic to and from that segment and the Root Bridge. The Designated Ports are chosen based on cumulative Root Path Cost to the Root Bridge.


Election of Designated Ports

[Slide figure: SW 1 (Root) on Segment 1 and Segment 2 with Cost 0 on both of its ports; SW 2 and SW 3 with Cost 19 on each of their ports; Segment 3 joins SW 2 and SW 3, and the SW 3 port on Segment 3 is marked X. The root's ports are labelled Designated Ports.]

Once the election of designated ports is complete, all other ports on the segment are placed in the blocking state. This last step is what breaks the loop.

SW2 and SW3 both announce a BPDU onto segment 3. The BPDU with the lowest cost to the root wins. In the case of a tie the lower BID of the announcing switch wins.

Look first at segment 1. There are two switch ports on that segment, SW 1 has a cost of 0 (it is the root) SW 2 has a cost of 19 after traversing the 100Mbps link. Because SW 1 has a lower cost on the segment, it becomes the designated port for this link. For segment 2, the scenario is the same. It is important to note that every active port on the Root Switch will become a designated port. Segment 3 on the other hand results in a tie when looking at the cost. Recall the four factors utilized for convergence:

1. Lowest Root BID

2. Lowest Path Cost to Root Bridge

3. Lowest Sender's BID

4. Lowest Port ID

All three switches are in agreement that the Root is SW 1 causing the second step to be invoked, however since there is a tie in this step (both path costs being 19) the third step is used; SW 2 has a lower BID than SW 3 and therefore it becomes the designated port.
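The four convergence steps (root election by Bridge ID, root path cost accumulated from the Path Cost table, root port and designated port election with the tie-breaking factors, and blocking of everything else) worked through on the three-switch topology of the preceding slides, as an added example that is not course code. Port numbers stand in for the Port ID field, and the segment names and link speeds are assumptions matching the slides' 100 Mbps links.

```python
"""Added example: STP convergence on the slides' SW 1 / SW 2 / SW 3 topology."""
from typing import Dict, List, Tuple

# Port cost per link speed, as listed on the Path Cost slide (IEEE non-linear scale).
PORT_COST = {4: 250, 10: 100, 16: 62, 45: 39, 100: 19, 155: 14,
             622: 6, 1000: 4, 10000: 2}


def port_cost(speed_mbps: int) -> int:
    """Cost the receiving port adds to the BPDU's Root Path Cost."""
    return 1 if speed_mbps > 10000 else PORT_COST[speed_mbps]


def bridge_id(priority: int, mac: str) -> bytes:
    """8-byte Bridge ID: 2-byte priority followed by the 6-byte switch MAC.
    Comparing these byte strings is exactly the 'lowest BID wins' rule."""
    mac_bytes = bytes.fromhex(mac.replace("-", "").replace(":", "").replace(".", ""))
    return priority.to_bytes(2, "big") + mac_bytes


Port = Tuple[str, int, int]   # (switch name, port number, link speed in Mbps)


def converge(bridges: Dict[str, Tuple[int, str]], segments: Dict[str, List[Port]]):
    """Return (root switch, root path cost per switch, role per (switch, port))."""
    bid = {name: bridge_id(pri, mac) for name, (pri, mac) in bridges.items()}

    # Step 1: the lowest Bridge ID becomes the Root Bridge.
    root = min(bid, key=bid.get)

    # Root Path Cost: each switch adds its own port cost to the cost carried in
    # the BPDU it hears on a segment; repeat until no switch finds a cheaper path.
    cost = {name: (0 if name == root else float("inf")) for name in bridges}
    changed = True
    while changed:
        changed = False
        for ports in segments.values():
            for sw, _, speed in ports:
                for other, _, _ in ports:
                    if other != sw and cost[other] + port_cost(speed) < cost[sw]:
                        cost[sw] = cost[other] + port_cost(speed)
                        changed = True

    # Step 3: one designated port per segment, chosen by lowest root path cost,
    # then lowest sender BID, then lowest port number (the convergence factors).
    designated = {seg: min(ports, key=lambda p: (cost[p[0]], bid[p[0]], p[1]))
                  for seg, ports in segments.items()}

    # Step 2: every non-root switch selects the one port on which it hears the
    # best BPDU, i.e. the designated port of another switch with the lowest
    # total cost, then sender BID, then sender port, then its own port number.
    root_port = {}
    for name in bridges:
        if name == root:
            continue
        candidates = []
        for seg, ports in segments.items():
            des_sw, des_pn, _ = designated[seg]
            for sw, pn, speed in ports:
                if sw == name and des_sw != name:
                    candidates.append((cost[des_sw] + port_cost(speed),
                                       bid[des_sw], des_pn, pn))
        root_port[name] = min(candidates)[3]

    # Step 4: every port that is neither designated nor root is blocked.
    roles = {}
    for seg, ports in segments.items():
        for sw, pn, _ in ports:
            if (sw, pn) == designated[seg][:2]:
                roles[(sw, pn)] = "designated"
            elif sw != root and root_port[sw] == pn:
                roles[(sw, pn)] = "root"
            else:
                roles[(sw, pn)] = "blocked"
    return root, cost, roles


# The slides' topology: three switches at the default priority, joined pairwise
# by 100 Mbps links (segment 1: SW1-SW2, segment 2: SW1-SW3, segment 3: SW2-SW3).
BRIDGES = {"SW1": (32768, "11-11-11-11-11-11"),
           "SW2": (32768, "22-22-22-22-22-22"),
           "SW3": (32768, "33-33-33-33-33-33")}
SEGMENTS = {"segment 1": [("SW1", 1, 100), ("SW2", 1, 100)],
            "segment 2": [("SW1", 2, 100), ("SW3", 1, 100)],
            "segment 3": [("SW2", 2, 100), ("SW3", 2, 100)]}

if __name__ == "__main__":
    root, cost, roles = converge(BRIDGES, SEGMENTS)
    print("root:", root, "root path costs:", cost)
    for port, role in sorted(roles.items()):
        print(port, role)
```

Lowering one switch's priority moves the root and reshapes the whole tree, which is why the root bridge is normally chosen deliberately rather than left to the default MAC tie-break.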


The Root’s Role

After winning the election of Root Switch, it has the responsibility to announce BPDUs every 2 seconds by default.

Each subordinate switch forwards the BPDU after adding its cost to reach the Root.

Because the BPDUs follow the same path as data, when a switch does not receive the BPDU it knows something has failed.

If it does not receive a BPDU within 20 seconds (default), the subordinate switch can initiate a TCN (topology change notification) BPDU which notifies all switches that it is transitioning a blocking port to the “listening” state.

The TCN BPDU triggers the receiving switches to age out their MAC Tables.


Topology Change

[Figure: the same three-switch topology (SW 1 Root at cost 0, SW 2 and SW 3 at cost 19, SW 3's segment 3 port blocked), with an X marking the failure that cuts SW 3 off from the Root's BPDUs. Callouts on the figure:]

• SW 3 ceases to receive BPDUs from the root for more than "MaxAge"
• SW 3 still receives BPDUs on the blocked port and now declares this port to be the root port
• SW 3 transitions the port to listening and at the same time announces a TCN BPDU ("time out your MAC table")
• SW 2 reacts to the TCN by timing out its MAC table and forwarding the TCN toward the Root
• Root informs all other switches of the TCN

Timeline: 20 sec. to reach MaxAge, 15 sec. in listening state, 15 sec. in learning state; 50 sec. total.

After the STP topology has been set, it does not change unless the network topology changes. The root switch sends a new hello BPDU every 2 seconds by default. Each switch forwards it, changing the cost to reflect that switch's added cost to reach the root. Each switch uses this repeated receipt of BPDUs from the root as a way to know that its path to the root is still working, because the BPDU follows the same path as all the data frames. When a bridge stops receiving the BPDUs, something has failed, so it reacts and starts the process of changing the spanning tree.


Rapid Spanning Tree Protocol

• Elects Root Switch the same as STP

• Elects Root Ports the same as STP

• Elects Designated Ports the same as STP

• Compatible with STP 802.1d

• Difference is RSTP converges much faster when topology changes occur

RSTP (802.1w) can be deployed alongside traditional STP (802.1d) switches, with RSTP features working in the switches that support it and STP features working in the switches that support only STP. RSTP improves network convergence when topology changes occur. STP convergence has essentially three time periods, each of which RSTP improves upon.

RSTP Terminology & Concepts

[Figure, left: SW 1, SW 2 and SW 3 connected directly by Ethernet cables, labelled "Link type: Point to Point" and "Edge type: Point to Point". Figure, right: SW 1 and SW 2 connected through hubs, labelled "Link type: Shared" and "Edge type: Shared".]

• RSTP reduces convergence time for link type PT-PT and Edge Type connections

• There is no reduction in convergence time for Link Type shared

The figure on the left shows a typical campus design today, with no hubs. All the switches connect with Ethernet cables, and all the end user devices connect directly. The IEEE defined RSTP to improve convergence in these types of networks. The figure on the right shows a network still utilizing hubs for connections between the switches as well as for connections to end user devices. Most networks do not use hubs anymore. RSTP calls Ethernet connections between switches links and calls Ethernet connections to end user devices edges. Two types of links exist: point-to-point and shared. RSTP does not distinguish between point-to-point and shared for edge connections.


RSTP Convergence

Edge Type (same as PortFast): RSTP improves convergence for edge type connections by immediately placing the port in the forwarding state.

Link Type "Shared": RSTP does not improve convergence.

Link Type "Point to Point":
• MaxAge improvement: RSTP recognizes loss of the path to the root in 3 times the hello interval as opposed to 10 times.
• Forward Delay improvement: RSTP actively negotiates with neighboring switches to determine ports which can be transitioned immediately.

RSTP removes the need for the listening state and reduces the time required for the learning state by actively discovering the network's new state. In comparison, STP passively waits for new BPDUs and reacts to them during the listening and learning states. With RSTP, the switches negotiate with neighboring switches; when ports that can be transitioned immediately to the forwarding state are discovered, they are transitioned immediately. In many cases, the process takes only a second or two for the whole RSTP domain. STP convergence has essentially three time periods, each of which RSTP improves upon. First, a switch must cease to receive root BPDUs for MaxAge (STP: 20 seconds, or 10 times the hello interval of 2 seconds; RSTP: 6 seconds, or 3 times the hello interval) before it can begin to transition any interfaces from blocking to forwarding. Then, for any interface that needs to transition from blocking to forwarding, the interface must endure "Forward Delay" (15 seconds) during the listening state and "Forward Delay" (15 seconds) again during the learning state, for a total of 50 seconds.

Example of RSTP Convergence

[Figure, left: the initial topology, a chain SW 1 (Root), SW 2, SW 3, SW 4 with link costs labelled 19 and 100. Figure, right: the same chain after a new link is added between SW 1 and SW 4, with the old path marked X. Callouts on the figure:]

• Better BPDU arrives from the Root
• SW 4 recognizes the better BPDU
• SW 4 needs to transition the new link to Forwarding
• SW 4 blocks all other ports, which prevents the possibility of other loops
• SW 4 negotiates with SW 1 using proposal and agreement messages, resulting in each end being placed in the forwarding state immediately
• Upon moving the new link to forwarding, the process is repeated between SW 4 and SW 3

RSTP actively negotiates new port states; STP passively waits for timers to expire.

The initial topology has no redundancy. When another point to point link is added between SW 1 and SW 4, as shown on the right, RSTP will need to converge. The first step occurs when SW 4 hears the better BPDU from SW 1. Since the BPDU from the old path contains a cost to reach the root of 138 and the new one has a cost of 19, SW 4 knows it needs to transition to forwarding on the new link. At this point we see the difference between STP and RSTP: SW 4 now blocks all of its other link type ports. By doing this, it has prevented the possibility of loops. SW 4 then begins a negotiation with SW 1 over the new link. The negotiation results in an agreement between the two that they both can place their ports into the forwarding state immediately. This results in a new topology altogether, as the process is repeated between SW 4 and SW 3 when SW 4 forwards out the new BPDU from SW 1 announcing a cost of 38; remember that even though a port is blocked for traffic, it is still open for BPDUs.


Default Switch Configuration

When shipped the Switch default configuration includes the following:

All Ports: Member of VLAN 1 (discussed later)
Console password: None
Spanning Tree: Enabled
100BaseT port: Auto negotiate duplex mode
CDP: Enabled
IP Address: 0.0.0.0

When the switch is shipped it is ready to be used; however, some items that are unique to your network can only be preset to a default value. Above you will see the most common settings that you may be tasked to customize to meet the needs of your network.


Common Configuration Changes

Hostname

Passwords

IP Address

Default Gateway

VLAN assignments

Port duplex and speed

Port Security

Saving and Clearing Configurations

VTP Configuration

The above figure lists the most common configuration requirements for layer 2 switching. Each of the topics will be discussed in the following pages.


Available Prompts

Command Mode | Access Method | Prompt | Exit Method
User EXEC | Log in | Switch> | logout
Privileged EXEC (enable) | From User EXEC, type enable | Switch# | disable
Global Configuration (config t) | From Privileged EXEC, type configure terminal | Switch(config)# | exit, end, or Ctrl-Z
ROM Monitor | Boot: hold the mode key while applying power to the switch | Switch: |
Setup Mode | From privileged EXEC mode, type setup; automatic if no config is found in NVRAM during initialization | Consists of a set of questions with no prompt of its own | Enters user EXEC after setup is complete

The Cisco IOS user interface provides access to several different command modes. Each command mode provides a group of related commands that allow you to configure or monitor your switch. Entering a question mark (?) at the system prompt allows you to obtain a list of commands available for each command mode.

• User EXEC mode - After you log in to the switch, you are automatically in user EXEC command mode. In general, the user EXEC mode contains nondestructive commands that allow you to connect to remote devices, change terminal settings on a temporary basis, perform basic tests, and list system information. User EXEC mode is indicated by the device host name followed by the angle bracket (>).

• Privileged EXEC mode - The privileged EXEC mode commands set operating parameters. The privileged commands include those commands contained in user EXEC mode, as well as the configure command through which you can access the remaining command modes. Privileged EXEC mode also includes high-level testing commands, such as debug. To enter privileged EXEC mode, enter enable at the user EXEC prompt. The privileged EXEC mode prompt consists of the device host name followed by the pound sign (#).


From the privileged level, you can access a number of specific configuration modes:

• ROM monitor mode - A command-line interface (CLI) that allows you to configure your switch. ROM monitor mode occurs if your switch does not find a valid system image, or if you interrupt the boot sequence during startup.

• Setup mode - This mode is an interactive prompted dialog at the console that helps the new user create a first-time basic configuration. You can also enter setup mode by entering setup at the privileged EXEC prompt. Setup mode consists of a series of questions and does not exhibit a defining prompt of its own.


Setting Hostname

switch>en

switch#config t

switch (config)#hostname example

example (config)#ctl Z

example#

Setting Password

switch>en

switch#config t

switch (config)#enable secret abc123

switch (config)#line vty 0 15

switch (config-line)#password abc123

switch (config-line)#login

switch (config-line)#line con 0

switch (config-line)#password abc123

switch (config-line)#login

switch (config-line)#ctl z

switch#


Setting the IP Address

switch#config t

switch(config)#int vlan 1

switch(config-if)#ip address 148.43.200.75 255.255.255.240

switch(config-if)#no shutdown

switch(config-if)#ctl z

It is only necessary to configure an IP address for the switch if it is going to be a manageable entity on the network. Realize it will also be necessary to configure a default-gateway. The switch will look like a standard user of the subnet. What 3 pieces of information are required for a PC? Clue: TCP/IP properties

Setting the Default Gateway

switch>en
switch#config t
switch (config)#ip default-gateway 148.43.200.1
switch (config)#ctl Z
switch#

The default gateway is utilized whenever it is determined that the address you are attempting to contact is not local to the subnet or vlan to which you are connected.


Configuring the Ports

switch>en
switch#config t
switch (config)#int fa 0/1
switch (config-if)#speed 10
switch (config-if)#duplex half
switch (config-if)#switchport mode access
switch (config-if)#switchport port-security
Switch (config-if)#switchport port-security maximum 1
Switch (config-if)#switchport port-security mac-address 0008.aaaa.bbbb
Switch (config-if)#switchport port-security violation shutdown

Switch>en - Puts the switch in the enable mode
Switch#config t - Puts the switch in the global configuration mode
Switch (config)#int fa 0/1 - Specifies interface fastethernet 0/1 for configuration
Switch (config-if)#duplex half - Sets the interface duplex mode to half
Switch (config-if)#speed 10 - Sets the interface speed to 10 Mbps

When a port is active on a switch, any user can plug into the port and access the network. Because many networks use DHCP (Dynamic Host Configuration Protocol) to assign user addresses, it would be very easy for someone with physical access to a network port to plug in his own device and become a user on the network.

Switch (config-if)#switchport port-security - Turns on port security

Switch (config-if)#switchport port-security maximum value

After turning on port security, you need to determine how many different devices will be accessing the ports. The Value option allows you to specify the number of addresses. The default is 1.


Switch (config-if)#switchport port-security mac-address 0008.aaaa.bbbb

By default, the switch will learn the MAC addresses of the devices that are plugged into that port. If you want to control which devices can access the switch, use the above command to specify which MAC addresses are secured on a port.

Switch (config-if) #switchport port-security violation {protect | restrict | shutdown}

When a violation occurs, the switch generally protects the port by dropping the traffic associated with the unauthorized MAC address. This means that the switch does not allow those frames through the device; if a frame comes from a device that is configured as secure, the switch will still allow it through. This is the meaning of "protect", and it is the default. Another option that you can configure is for the interface to move to a "shutdown" state. If this is configured, the port remains in the administratively down state until an administrator re-enables the port with the no shutdown command. A third option is "restrict". If this is selected, an SNMP trap will be generated.
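The three violation modes side by side, as an added example that is not part of the course and not Cisco code. It models the behaviour the notes describe for a single access port: configured (static) addresses always pass, further addresses are learned until the configured maximum is reached, and anything beyond that is a violation handled by the mode. The MAC addresses and the frame sequence are constructed. One caveat the model makes visible: in shutdown mode the legitimate device is also cut off until no shutdown is issued, whereas protect and restrict keep forwarding its frames.

```python
"""Port-security behaviour for one access port.

Added example (not course material or Cisco code). It models the behaviour
the notes describe: a port accepts frames from configured (static) MAC
addresses, learns further addresses until the configured maximum is
reached, and treats any address beyond that as a violation, handled by the
configured mode. "protect" drops the offending frames silently, "restrict"
drops them and raises a trap, and "shutdown" drops them and leaves the port
down until an administrator issues no shutdown. MAC addresses and the
frame sequence are constructed.
"""

VIOLATION_MODES = ("protect", "restrict", "shutdown")


class PortSecurity:
    def __init__(self, violation, maximum=1, static_macs=()):
        if violation not in VIOLATION_MODES:
            raise ValueError(f"unknown violation mode {violation!r}")
        if len(set(static_macs)) > maximum:
            raise ValueError("more static addresses than the configured maximum")
        self.violation = violation
        self.maximum = maximum
        self.secure = set(static_macs)   # static plus dynamically learned
        self.is_shutdown = False         # err-disabled after a shutdown-mode violation
        self.violation_count = 0
        self.traps = []                  # SNMP traps that would be sent

    def ingress(self, src_mac):
        """Decide whether a frame with source MAC `src_mac` is forwarded.
        Returns "forward" or "drop" and updates the port state."""
        if self.is_shutdown:
            return "drop"                # nothing passes an err-disabled port
        if src_mac in self.secure:
            return "forward"
        if len(self.secure) < self.maximum:
            self.secure.add(src_mac)     # dynamic learning up to the maximum
            return "forward"
        # Any further address is a violation.
        self.violation_count += 1
        if self.violation == "restrict":
            self.traps.append(f"port-security violation: {src_mac}")
        elif self.violation == "shutdown":
            self.is_shutdown = True
        return "drop"

    def no_shutdown(self):
        """Administrator re-enables the port; learned addresses are kept here,
        so the previously secured device works again immediately."""
        self.is_shutdown = False


def run(violation, frames, maximum=1, static_macs=()):
    """Feed a constructed frame sequence through a port and return the
    per-frame decisions together with the final port object."""
    port = PortSecurity(violation, maximum, static_macs)
    return [port.ingress(mac) for mac in frames], port


# Constructed sample: the secured device, then a device plugged in by an
# unauthorized user, then the secured device again.
SAMPLE_FRAMES = ["0008.aaaa.bbbb", "0008.aaaa.bbbb", "0008.dead.beef", "0008.aaaa.bbbb"]

if __name__ == "__main__":
    for mode in VIOLATION_MODES:
        decisions, port = run(mode, SAMPLE_FRAMES, static_macs=["0008.aaaa.bbbb"])
        print(mode, decisions, "shutdown" if port.is_shutdown else "up", port.traps)
```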


Saving & Deleting Configurations

switch>en
switch#copy run start
This copies the running configuration to the startup-config file, which resides in NVRAM.

switch>en
switch#copy start run
This copies the startup-config file from NVRAM into RAM. This will merge what is presently in your running configuration with what is copied in from the startup-config file.

switch>en
switch#copy run tftp://address/filename
Address or name of remote host [148.43.200.7]?
Destination filename [switch1.bin]?
This copies the running-config file from RAM to a TFTP (trivial file transfer protocol) server. If you do not specify a filename and address, the system prompts for this information.

switch>en
switch#erase start
This erases the startup-config file from NVRAM. At this point it is commonly followed by a reload, which will cause the switch to boot with a default configuration.

switch>en
switch#delete flash:vlan.dat
This deletes the VLAN database. The file is recreated as soon as a new VLAN is created.

Utilizing both of the above commands, then performing a reload on the switch allows it to be restored to factory values.


LAB 1

[Figure: LAB 1 topology. A router with Eth 0/1 on network 148.30.1.0 /25 (address .1) and Eth 0/2 on network 148.30.1.128 /25 (address .129). Switches SW 1 through SW 6 hang off these networks; the address labels shown are .2, .3, .4, .101, .102 and .103 on the first network and .130, .131, .132, .201, .202 and .203 on the second.]

Notes: Instructor will configure the routers or ask for volunteers. Each switch performs:

˚ Hostname
˚ Enable password
˚ Vty lines configured for telnet
˚ Configure PCs with proper IPs
˚ IP Default-Gateway set globally
˚ Interface vlan 1 and assign its associated IP and mask

Lab is complete when you can ping or telnet to any other switch or router in the class from both your switch and PC.


VLAN Concept

[Figure: Router interface fast Ethernet 0/1 on network 148.43.200.0 255.255.255.240 (address .1) connects to SW - A; hosts on SW - A use addresses .2 through .10. "VLAN = Subnet".]

• Interface fa 0/1 is configured with a /28 mask (16 addresses).
• SW - A utilizes the default configuration, meaning all of its ports are assigned to VLAN-1.
• IP address utilization is as listed.
• If SW - A is a 24 port switch, only 12 ports can be utilized; the remaining ports cannot support users requiring an IP.

A VLAN is a group of ports on switches that provides service to end stations with a common set of requirements, independent of their physical location. A VLAN has the same attributes as a physical LAN, but allows you to group end stations even if they are not physically located on the same LAN segment. VLANs allow you to group ports on a switch to limit unicast, multicast, and broadcast traffic flooding. Flooded traffic that originates from a particular VLAN floods only to ports belonging to that VLAN. VLANs are created on Layer 2 switches to control broadcast and collision domains, as well as to enforce the use of a Layer 3 device (router) for communications off the VLAN. Each VLAN is created in the local switch's database for use. If a VLAN is not known to a switch, that switch cannot transfer traffic across any of its ports for that VLAN. VLANs are created by number, and there are two ranges of usable VLAN numbers (normal 1 - 1000 and extended range 1025 - 4096). When a VLAN is created, you can also give it certain attributes such as a VLAN name, VLAN type, and its operational state.


VLAN Concept

[Figure: three switches SW - A, SW - B and SW - C, each connected to its own Ethernet port on the router and serving Subnet A, Subnet B and Subnet C respectively. Example of switching utilizing individual Ethernet ports on the router.]

Above is one example of a VLAN. All ports on each switch have been assigned to a common VLAN; that VLAN is synonymous with Subnet A from the router's perspective.


VLAN Concept

[Figure: SW - 1, SW - 2 and SW - 3 connected to one physical Ethernet interface on the router. Example of switching utilizing subinterfaces on the router.]

A router’s Ethernet port can be configured to support separate VLANs on the same physical interface. This is accomplished with the use of “trunking” and will be discussed in detail.


VLAN Concept

[Figure: SW - 1, SW - 2 and SW - 3 connected to one physical Ethernet interface on the router. Example of switching utilizing subinterfaces on the router. Users for all VLANs can now be dispersed throughout the switching topology.]

When utilized in this fashion a Layer 2 topology can provide flexibility to match user requirements. By changing port assignments a VLAN member can be moved throughout the physical topology and retain all of its logical assignments.


VLAN Trunking

[Figure: SW - 1 and SW - 2 joined by a trunk.]

ISL: Cisco proprietary (encapsulation)
802.1Q: open standard (modified header)

When using VLANs in networks that have multiple interconnected switches, you need to use VLAN trunking between the switches. With VLAN trunking, the switches tag each frame sent between switches so that the receiving switch knows to which VLAN the frame belongs. With trunking, you can support multiple VLANs that have members on more than one switch.


InterSwitch Link Protocol (ISL)

[Figure: ISL framing. The original Ethernet frame is enclosed by a 26-byte ISL header and an ISL CRC. Header fields: DA, Type, User, SA, Len, AAAA03, HSA, VLAN, BPDU, INDX, RES. The VLAN field identifies your VLAN; the BPDU field supports spanning tree per VLAN.]

ISL is Cisco proprietary and can only be utilized between two Cisco devices. It was, however, created prior to the IEEE standardized trunking protocol 802.1Q. ISL works by fully encapsulating each original frame in an ISL header and trailer. The ISL header includes several fields, but most importantly, the ISL header VLAN field provides a place to encode the VLAN number. By tagging a frame with the correct VLAN number inside the header, the sending switch can ensure that the receiving switch knows to which VLAN the encapsulated frame belongs. In addition, the source and destination addresses in the ISL header use the MAC addresses of the sending and receiving switch, as opposed to the devices that actually sent the original frame.


802.1Q

[Figure: 802.1Q tagged frame: Dest | Src | EtherType (0x8100) | PRI, X, VLAN-ID | Len/Etype | Data | FCS. The X bit is the Token Ring flag. The original FCS is replaced with a new FCS.]

The IEEE standardizes many of the protocols relating to LANs today, and VLAN trunking is no exception. After Cisco created ISL, the IEEE completed work on the 802.1Q standard, which defines a different way to do trunking. 802.1Q uses a different style of header than ISL does to tag frames with a VLAN number. In fact, 802.1Q does not actually encapsulate the original frame. Rather, it adds an extra 4-byte header to the original Ethernet header. That additional header includes a field with which to identify the VLAN number. Because the original header has been changed, 802.1Q tagging forces a recalculation of the original FCS field in the Ethernet trailer, because the FCS is based on the contents of the entire frame.
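What that 4-byte insertion does to a frame, as an added example that is not part of the course and not Cisco code. The frame is constructed (MAC addresses, an IPv4 EtherType and a dummy payload), and the FCS is computed as CRC-32 with zlib, transmitted least-significant byte first as on the wire. The naive_tag() helper, which inserts the tag but keeps the old FCS, exists only to show why the recalculation the text describes is mandatory: the old FCS no longer verifies over the modified frame.

```python
"""802.1Q tag insertion with FCS recalculation.

Added example (not course material). Builds a constructed untagged
Ethernet II frame, inserts the 4-byte 802.1Q header after the source MAC,
and recomputes the frame check sequence. naive_tag() deliberately keeps the
old FCS so the effect the notes describe can be observed: the original FCS
no longer matches once the header has changed.
"""
import struct
import zlib

TPID_8021Q = 0x8100          # EtherType value that announces a VLAN tag
ETHERTYPE_IPV4 = 0x0800

# Constructed addresses, not real devices.
DST_MAC = bytes.fromhex("000800000001")
SRC_MAC = bytes.fromhex("000800000002")


def fcs(body: bytes) -> bytes:
    """Ethernet FCS: CRC-32 over destination MAC through the end of data,
    transmitted least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Untagged Ethernet II frame with the payload padded to 46 bytes."""
    body = dst + src + struct.pack("!H", ethertype) + payload.ljust(46, b"\x00")
    return body + fcs(body)


def tag_8021q(frame: bytes, vlan_id: int, priority: int = 0, cfi: int = 0) -> bytes:
    """Insert TPID + TCI after the source MAC and recompute the FCS."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    if not 0 <= priority <= 7:
        raise ValueError("priority is a 3-bit field")
    # TCI layout: 3 bits priority, 1 bit CFI (the Token Ring flag), 12 bits VLAN ID.
    tci = (priority << 13) | ((cfi & 1) << 12) | vlan_id
    body = frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:-4]
    return body + fcs(body)


def naive_tag(frame: bytes, vlan_id: int) -> bytes:
    """Insert the tag but leave the old FCS in place (what NOT to do)."""
    tci = vlan_id & 0x0FFF
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_tag(frame: bytes):
    """Return (vlan_id, priority, cfi, inner_ethertype), or None if untagged."""
    (tpid,) = struct.unpack("!H", frame[12:14])
    if tpid != TPID_8021Q:
        return None
    tci, inner = struct.unpack("!HH", frame[14:18])
    return tci & 0x0FFF, tci >> 13, (tci >> 12) & 1, inner


def fcs_valid(frame: bytes) -> bool:
    """True when the trailing four bytes match a CRC-32 of the rest."""
    return fcs(frame[:-4]) == frame[-4:]


if __name__ == "__main__":
    untagged = build_frame(DST_MAC, SRC_MAC, ETHERTYPE_IPV4, b"constructed payload")
    tagged = tag_8021q(untagged, vlan_id=100, priority=5)
    print(len(untagged), len(tagged), parse_tag(tagged), fcs_valid(tagged))
    print("old FCS still valid after tagging:", fcs_valid(naive_tag(untagged, 100)))
```

The tagged frame is exactly four bytes longer than the untagged one, and everything after the tag (the original EtherType and payload) is carried unchanged, which is the "modified header, not encapsulation" distinction the text draws between 802.1Q and ISL.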


VLAN Configuration

To create the VLAN:

Switch>en
Switch#vlan database
Switch (vlan)#vlan 100 name test
Switch (vlan)#exit
Switch#

To assign ports to the VLAN:

Switch>en
Switch#config t
Switch (config)#interface fastethernet 0/1
Switch (config-if)#switchport access vlan 100
Switch (config-if)#ctl z
Switch#

VLAN Configuration Range CMD

Switch>en
Switch#config t
Switch (config)#interface range fastethernet 0/1 - 3 , 0/9 - 12
Switch (config-if-range)#switchport access vlan 100
Switch (config-if-range)#no shut
Switch (config-if-range)#ctl z
Switch#

Note the spaces around the hyphen and the comma in the range list.


Trunk Configuration

Switch>en
Switch#config t
Switch (config)#interface fastethernet 0/1
Switch (config-if)#switchport mode trunk
Switch (config-if)#switchport trunk allowed vlan remove 2-1001
Switch (config-if)#no shut
Switch (config-if)#ctl z
Switch#

By default, a trunk link carries all the VLANs that exist on the switch. This is because all VLANs are active on a trunk link; as long as the VLAN is in the switch's local database, traffic for that VLAN is carried across the trunks. You can elect to selectively remove and add VLANs from a trunk link. To do so, use the following command on the interface that is functioning as the trunk:

Switch (config-if)#switchport trunk allowed vlan remove vlanlist

In the example above, vlanlist is 2-1001. The VLANs specified in the vlanlist field will not be allowed to travel across the trunk link until they are added back to the trunk using the command:

Switch (config-if)#switchport trunk allowed vlan add vlanlist


Router Configuration

interface FastEthernet0/0
 description Trunk to Switch
 no ip address
 duplex full

interface FastEthernet0/0.1
 description VLAN 100
 encapsulation dot1Q 100
 ip address 148.30.1.1 255.255.255.240

interface FastEthernet0/0.2
 description VLAN 200
 encapsulation dot1Q 200
 ip address 148.30.1.17 255.255.255.240

interface FastEthernet0/0.3
 description VLAN 300
 encapsulation dot1Q 300
 ip address 148.30.1.33 255.255.255.240

Cisco IOS software has a configuration feature called subinterfaces that creates a logical subdivision of a physical interface. Subinterfaces allow the router to have multiple IP addresses associated with its physical interface by configuring separate subinterfaces. A router can treat each subinterface as if it were an individual link. Each of the subinterfaces would be assigned a different IP address from its associated subnet. In the example above, interface fastethernet 0/0 has been subdivided into three subinterfaces (note the interface fastethernet 0/0.1); each subinterface receives its own configuration for which subnet it belongs to as well as which encapsulation method to use. The physical interface fastethernet 0/0 is simply administratively enabled by issuing the command "no shutdown".


VLAN Lab

[Figure: VLAN Lab topology. Six switches SW 1 through SW 6 carrying VLANs 100, 200, 300, 400, 500 and 600, joined by trunks.]

NOTES:
• Ports 1 through 3 will be utilized for trunks
• Ports 4 through 6 will be assigned to VLAN 100 or 400
• Ports 7 through 9 will be assigned to VLAN 200 or 500
• Ports 10 through 12 will be assigned to VLAN 300 or 600
• Instructor provides IP addressing for the networks shown.

LAB Notes:
• Prior to proceeding, students should erase start on the switches, use "delete flash: vlan.dat" and reload to clear the switches' configuration.
• Upon reload, students should set vtp mode transparent at the global configuration prompt: switch (config) # vtp mode transparent
• Cable the network as shown.
• Note the example router configuration given.
• Ensure the student understands that the VLAN is synonymous with the subnet; additionally, ensure the configuration of the subinterfaces is understood.
• Instructor leads students through the assignment of IPs, pointing out the number of available ports in the VLAN and the size of the subnets.


Students perform the following:

• Configure Hostname, Enable Secret Password, VTY Lines
• Switches 1-3: Assign ports 4 - 6 to VLAN 100 using "switchport access vlan 100"; assign ports 7 - 9 to VLAN 200 using "switchport access vlan 200"; assign ports 10 - 12 to VLAN 300 using "switchport access vlan 300"
• Switches 4-6: Assign ports 4 - 6 to VLAN 400 using "switchport access vlan 400"; assign ports 7 - 9 to VLAN 500 using "switchport access vlan 500"; assign ports 10 - 12 to VLAN 600 using "switchport access vlan 600"
• Switch 1 assigns the IP address of the switch to VLAN 100 using the "int vlan 100" cmd.
• Switch 2 assigns the IP address of the switch to VLAN 200 using the "int vlan 200" cmd.
• Switch 3 assigns the IP address of the switch to VLAN 300 using the "int vlan 300" cmd.
• Switch 4 assigns the IP address of the switch to VLAN 400 using the "int vlan 400" cmd.
• Switch 5 assigns the IP address of the switch to VLAN 500 using the "int vlan 500" cmd.
• Switch 6 assigns the IP address of the switch to VLAN 600 using the "int vlan 600" cmd.
• All switches assign "ip default-gateway xxx.xxx.xxx.xxx" (must obtain the IP from the IP address scheme)
• PCs will be addressed first for VLAN 100 (or 400). When a successful ping to the router is completed, the PC is readdressed for VLAN 200 (or 500), then VLAN 300 (or 600).
• Ping and telnet to all other switches to verify lab functionality.


VTP (VLAN Trunking Protocol)

[Figure: a VTP domain containing SW 1 as VTP Server and SW 2 and SW 3 as VTP Clients; a VTP database change made on the server propagates to the clients.]

VLAN Trunking Protocol (VTP) is a Cisco proprietary Layer 2 messaging protocol that manages the addition, deletion, and renaming of VLANs on a network-wide basis. VTP reduces administration in a switched network: when you configure a new VLAN on one VTP server, the VLAN is distributed to all switches in the domain, so the same VLAN does not have to be configured everywhere. VTP messages are exchanged between trunked switches within a common VTP domain and run across any type of trunking mechanism. A VTP domain must be defined (or VTP set to transparent mode) before a VLAN can be created, and exchanges of VTP information can be authenticated with a VTP password. VTP versions 1 and 2 manage only the normal-range VLANs (1 through 1005).

VTP allows switches to synchronize their VLAN databases based on a configuration revision number. A database with a higher revision number overwrites any database with a lower revision number, whether the higher revision comes from a server or from a client. Each time you exit VLAN Database mode after a change (or apply a VLAN change in global configuration mode), the revision number is increased by one.

CAUTION: An offline switch can carry a high revision number if technicians have exited VLAN Database mode repeatedly. If such a switch is trunked into a domain with the same domain name and password, its database overwrites every server and client in that domain, deleting the production VLANs and leaving every port assigned to them inactive. Before bringing a switch online, confirm with "show vtp status" that its revision number is lower than the on-line VLAN database revision number, or reset it to zero by changing the switch's VTP domain name or setting it to transparent mode. A VTP password and a non-default domain name limit this risk to switches that share both.

Switches can operate in one of three VTP modes: server, transparent, or client. VTP can prune unneeded VLANs from trunk links.


VTP Modes

Figure: SW 1, SW 2 and SW 3 in one domain, one switch in each mode.

VTP Server: can make changes to the VLAN database and will distribute them to all others in the domain.
VTP Transparent: VLAN information configured here affects only the local switch. Domain VTP information is forwarded but not implemented.
VTP Client: cannot make changes to the database. Receives updates from the server.

VTP Server Mode
By default, Cisco switches are in VTP server mode. On a VTP server you can create, modify, or delete a VLAN in the local VLAN database. After you make this change, the VLAN database changes are propagated to all other switches in server or client mode in the VTP domain. A server will also accept changes to the VLAN database from other switches in the domain.

VTP Client Mode
Switches in client mode cannot create, modify, or delete VLANs in the local VLAN database. Instead, they rely on other switches in the domain to update them about new VLANs. Clients synchronize their databases, but this does not save the VLAN information, and they lose it if they are powered off. Clients advertise information about their database and forward VTP information to other switches.

VTP Transparent Mode
Transparent mode works much like server mode in that you can create, delete, or modify VLANs in the local VLAN database. The difference is that these changes are not propagated to other switches. In addition, the local database does not accept modifications from other switches. VTP transparent mode switches forward, or relay, VTP information between other server or client switches.


VTP Configuration Example

Switch>enable
Switch#configure terminal
Switch(config)#vtp mode [ server | client | transparent ]
Switch(config)#vtp domain domain-name
Switch(config)#vtp password password
Switch(config)#^Z    (Ctrl-Z returns to privileged EXEC mode)
Switch#

When using the "vtp domain domain-name" command, domain-name is case sensitive. For example, if one switch is in the VTP domain "Cisco" and another is in the domain "cisco", they are in different domains and will not share VLAN databases.


VTP Lab

Figure: two groups of three switches joined by trunks. SW 1 (Server), SW 2 (Client) and SW 3 (Server) carry VLANs 100, 200 and 300; SW 4 (Server), SW 5 (Client) and SW 6 (Server) carry VLANs 400, 500 and 600.

VTP domain: class
VTP mode: as shown in the topology (SW 1, SW 3, SW 4 and SW 6 server; SW 2 and SW 5 client)
VTP password: password

The VLANs will be configured after the network is complete. All switches build the network and configure trunks. No VLANs yet.

• Switch 1 configures the switch IP to belong to VLAN 100: "interface VLAN 100", then assign the IP and mask.
• Switch 2 configures the switch IP to belong to VLAN 200: "interface VLAN 200", then assign the IP and mask.
• Switch 3 configures the switch IP to belong to VLAN 300: "interface VLAN 300", then assign the IP and mask.
• Switch 4 configures the switch IP to belong to VLAN 400: "interface VLAN 400", then assign the IP and mask.
• Switch 5 configures the switch IP to belong to VLAN 500: "interface VLAN 500", then assign the IP and mask.
• Switch 6 configures the switch IP to belong to VLAN 600: "interface VLAN 600", then assign the IP and mask.


All switches enter the "ip default-gateway" command to identify the default gateway for their associated VLAN.

• VLAN 100 is added by switch 1, then verified by switches 2 and 3.
• VLAN 300 is added by switch 3, then verified by switches 1 and 2.
• VLAN 200 is added by switch 2, then verified by switches 1 and 3. (This will fail, because switch 2 is a VTP client; the VLAN will need to be added by a VTP server. Students decide who will add the VLAN.)
• VLAN 400 is added by switch 4, then verified by switches 5 and 6.
• VLAN 600 is added by switch 6, then verified by switches 4 and 5.
• VLAN 500 is added by switch 5, then verified by switches 4 and 6. (This will fail, because switch 5 is a VTP client; the VLAN will need to be added by a VTP server. Students decide who will add the VLAN.)
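The synchronization rules in this chapter (case-sensitive domain name and password must match, the highest configuration revision overwrites the rest, clients cannot create VLANs) explain both the lab's expected failures and the CAUTION about offline switches. The following model checks those rules end to end. It is an added example written for this page, not course material or Cisco code: the Switch class, sync_domain and reset_revision functions are constructed simplifications of real VTP (which, for instance, exchanges advertisements only over trunk links), the switch names, VLAN numbers, domain "class" and password "password" follow the lab, and the stale switch SW9 with revision 50 is made up.

```python
"""Model of the VTP synchronization rules described in this chapter.
Added example for this page, not course material or Cisco code: it encodes
only what the text states (case-sensitive domain name and password must
match, the highest configuration revision overwrites the rest, clients
cannot create VLANs, transparent switches keep a local database) and is a
constructed simplification of real VTP.  Switch names, VLAN numbers and the
domain 'class' with password 'password' follow the lab; SW9 and its
revision 50 are made up for the stale-switch scenario."""

from dataclasses import dataclass, field


@dataclass
class Switch:
    name: str
    mode: str                    # "server", "client" or "transparent"
    domain: str = ""
    password: str = ""
    revision: int = 0
    vlans: set = field(default_factory=lambda: {1})   # VLAN 1 always exists

    def add_vlan(self, vlan_id):
        """Local VLAN creation; only servers and transparent switches may."""
        if self.mode == "client":
            return False         # clients cannot create, modify or delete VLANs
        self.vlans.add(vlan_id)
        if self.mode == "server":
            self.revision += 1   # transparent mode never advertises or bumps the revision
        return True

    def receive(self, adv):
        """Apply an advertisement; True if the local database was overwritten."""
        if self.mode == "transparent":
            return False         # forwarded to others, never implemented locally
        if adv["domain"] != self.domain or adv["password"] != self.password:
            return False         # different (case-sensitive) domain or password: ignored
        if adv["revision"] <= self.revision:
            return False         # only a strictly higher revision overwrites
        self.vlans = set(adv["vlans"])
        self.revision = adv["revision"]
        return True

    def advertise(self):
        """What this switch sends; transparent switches originate nothing."""
        if self.mode == "transparent":
            return None
        return {"domain": self.domain, "password": self.password,
                "revision": self.revision, "vlans": set(self.vlans)}


def reset_revision(sw):
    """What 'vtp mode transparent' or a domain-name change does on IOS: revision back to 0."""
    sw.revision = 0


def sync_domain(switches):
    """Flood every advertisement to every other switch until nothing changes."""
    changed = True
    while changed:
        changed = False
        for src in switches:
            adv = src.advertise()
            if adv is None:
                continue
            for dst in switches:
                if dst is not src and dst.receive(adv):
                    changed = True


def lab_scenario():
    """SW1/SW3 servers, SW2 client; VLANs 100, 300 and 200 added as in the lab."""
    sw1 = Switch("SW1", "server", "class", "password")
    sw2 = Switch("SW2", "client", "class", "password")
    sw3 = Switch("SW3", "server", "class", "password")
    group = [sw1, sw2, sw3]
    sw1.add_vlan(100)
    sync_domain(group)
    sw3.add_vlan(300)
    sync_domain(group)
    client_could_add = sw2.add_vlan(200)    # the step the lab says will fail
    sw1.add_vlan(200)                       # a VTP server adds it instead
    sync_domain(group)
    return client_could_add, sorted(sw2.vlans), sw2.revision


def stale_switch_scenario(mitigation="none"):
    """The CAUTION: an offline switch with a high revision is cabled into the domain."""
    prod = [Switch(n, m, "class", "password")
            for n, m in (("SW1", "server"), ("SW2", "client"), ("SW3", "server"))]
    for vlan_id in (100, 200, 300):
        prod[0].add_vlan(vlan_id)
    sync_domain(prod)                        # production domain is now at revision 3
    stale = Switch("SW9", "client", "class", "password", revision=50, vlans={1, 999})
    if mitigation == "password":
        stale.password = "wrong"             # stale switch does not know the domain password
    elif mitigation == "reset":
        reset_revision(stale)                # revision zeroed before connecting the trunk
    sync_domain(prod + [stale])
    return sorted(prod[0].vlans)             # [1, 999] means the production VLANs were wiped


if __name__ == "__main__":
    print(lab_scenario())
    for m in ("none", "password", "reset"):
        print(m, stale_switch_scenario(m))
```

In the unmitigated case the stale client wins even though it is only a client, which is why the CAUTION tells you to check "show vtp status" before connecting a switch; a mismatched password or a zeroed revision leaves the production database intact.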


Layer 2 Switching Review Questions

1. At what layer do Bridges and Switches work?
A. Layer 3  B. Layer 1  C. Layer 7  D. Layer 2

2. A Switch or Bridge builds a MAC table by examining what piece of information in the Ethernet frame?
A. Destination address  B. Source Port  C. Destination Port  D. Source address

3. When a frame is received by the Switch or Bridge, the MAC table is consulted to determine which port can reach the station identified in the destination address of the frame. If no entry exists, the Switch or Bridge takes what action?
A. Discard the frame  B. Forward the frame to the Layer 3 device  C. Return the frame to the sender  D. Flood the frame out all ports except the port it was received on

4. What is the fastest mode of Switching?
A. Cut Through  B. Store & Forward  C. Fragment Free  D. Super Fast

5. What is the most reliable mode of Switching?
A. Cut Through  B. Store & Forward  C. Fragment Free  D. Super Fast

6. Fill in the blank: Collisions occur within the time required to read ________ bytes.
A. 10  B. 94  C. 128  D. 64

7. What command can be used to determine the mode of switching being utilized on a Cisco IOS based switch?
A. Show switch mode  B. Show port system  C. Show mode  D. Show mode system

8. A Cisco 2950 Switch can hold up to how many MAC Database entries?
A. 24  B. 48  C. 128  D. 8192

9. Once a Switch or Bridge places an entry into the MAC Database, by default how long does it stay there if the associated station does not transmit another frame?
A. 5 Minutes  B. 300 Minutes  C. 5 Hours  D. Until the station powers down or moves

10. When a Switch or Bridge receives a Broadcast or Multicast frame, what action is taken?
A. Frame is converted to unicast  B. Frame is forwarded to the router  C. Frame is flooded out all ports other than the originating port  D. Frame is discarded

11. True or False: It is possible to have multiple MAC addresses associated with a single port on a Switch.
A. True  B. False

12. Spanning Tree Protocol is best described as what?
A. A layer 2 address resolution protocol  B. A mechanism for routers to prevent loopbacks  C. A layer 2 loop prevention protocol  D. A protocol to limit the size of the layer 2 topology

13. Spanning Tree Protocol uses two key elements, what are they?
A. Bridge Costs and Path IDs  B. MAC addresses and Frame priority  C. Bridge IDs and Path Costs  D. Tree diameter and height

14. What is the default value for the priority field associated with the Bridge ID?
A. 0  B. 65535  C. 32768  D. 100

15. The last 6 bytes of a Bridge ID consist of what?
A. Priority of the Switch  B. Name of the Switch  C. MAC address of the Switch  D. Location of the Switch

16. The higher the value of the priority field, the better the chance of becoming the STP root, true or false?
A. True  B. False

17. Spanning Tree Protocol uses the Path Cost field to determine which of the following?
A. The traffic load on the path  B. The cost to reach the root from this Switch  C. Who the root is  D. The link status

18. BPDUs are sent by the root switch at what interval?
A. Every 2 minutes  B. Every 30 seconds  C. Every 2 seconds  D. Every 30 minutes

19. The BPDU contains, at minimum, which of the following fields?
A. Root BID, Sender BID, Port ID, MAC database version ID  B. Root BID, Root Path Cost, Sender BID, Switch Port System  C. Root BID, Root Path Cost, Sender BID, Port ID  D. Root Port ID, Root Path Cost, Sender BID, Port Density

20. What is the proper order for the most significant Convergence Factors?
A. Lowest Port ID, Lowest Root BID, Lowest Path Cost to Root, Lowest Sender ID
B. Lowest Root BID, Lowest Path Cost to Root, Lowest Sender BID, Lowest Port ID
C. Lowest Path Cost to Root, Lowest Root BID, Lowest Sender BID, Lowest Port ID
D. Lowest Sender ID, Lowest Port ID, Lowest Root BID, Lowest Path Cost to Root

21. What is the first step in STP Convergence?
A. Elect Root Ports  B. Elect Designated Ports  C. Elect one Root Bridge  D. Block all other Ports

22. What is the second step in STP Convergence?
A. Elect one Root Bridge  B. Elect Root Ports  C. Block all other Ports  D. Elect Designated Ports

23. What is the purpose of Designated Ports?
A. This is the port utilized to reach the router  B. This is the port that provides service for user data on that segment  C. This port's MAC address is used in the BID  D. This port will be designated to block all traffic to that segment

24. Which of the following is not one of the five STP Port States?
A. Forwarding  B. Blocking  C. Following  D. Disabled  E. Learning

25. Initially, all switch ports begin in which state?
A. Forwarding  B. Blocking  C. Following  D. Disabled  E. Learning  F. Listening

26. How long is the default MaxAge Time on a Cisco 2950 Switch?
A. 50 Seconds  B. 15 Seconds  C. 20 Seconds  D. 30 Seconds

27. What is the reason for assigning an IP address to a Layer 2 Switch?
A. Because all devices connected to an IP network need an address  B. To be able to manage the device remotely  C. Because users need the address for their Default Gateway  D. So the router has an IP to associate the Switch's MAC address to

28. What is the "vlan.dat" file?
A. The switch's configuration file  B. The management VLAN's management data  C. The VLAN database  D. The VLAN used to reach the root switch

29. What are the two types of encapsulation utilized with switch trunking?
A. X.25 and PPP  B. ISL and 802.11g  C. 802.1q and ISL  D. ISL and PPP

30. Who is the best CECOM FMD IT4 instructor?
A. Car salesman Mike  B. VFW representative John  C. Chicken Farmer Bryan  D. Super smart and brilliant Tony


IP Addressing and Subnet Masking


IP Addressing and Subnet Masks

• One of the most important concepts of Internetworking.
• You must be able to design and implement a network topology that meets the customer's needs.
• It is essential you understand how IP Addresses are used in a network.

Internet Scaling Problems

Over the past few years, the Internet has experienced two major scaling issues as it has struggled to provide continuous and uninterrupted growth:

1. The eventual exhaustion of the IPv4 address space.
2. The ability to route traffic between the ever-increasing number of networks that comprise the Internet.

The first problem is concerned with the eventual depletion of the IP address space. The current version of IP, IP version 4 (IPv4), defines a 32-bit address, which means that there are only 2^32 (4,294,967,296) IPv4 addresses available. This might seem like a large number of addresses, but as new markets open and a significant portion of the world's population becomes candidates for IP addresses, the finite number of IP addresses will eventually be exhausted. The address shortage problem is aggravated by the fact that portions of the IP address space have not been efficiently allocated. In addition, the traditional model of classful addressing does not allow the address space to be used to its maximum potential. The Address Lifetime Expectancy (ALE) Working Group of the IETF has expressed concerns that if the current address allocation policies are not modified, the Internet will experience a near to medium term exhaustion of its unallocated address pool. If the Internet's address supply problem is not solved, new users may be unable to connect to the global Internet.

The second problem is caused by the rapid growth in the size of the Internet routing tables. Internet backbone routers are required to maintain complete routing information for the Internet. Over recent years, routing tables have experienced exponential growth as increasing numbers of organizations connect to the Internet: in December 1990, there were 2,190 routes; in December 1992, there were 8,500 routes; and in December 1995, there were 30,000+ routes. By the early 2000s, the number had reached 210,000. Unfortunately, the routing problem cannot be solved by simply installing more router memory and increasing the size of the routing tables. Other factors related to the capacity problem include the growing demand for CPU horsepower to compute routing table/topology changes, the increasingly dynamic nature of World Wide Web connections and their effect on router forwarding caches, and the sheer volume of information that needs to be managed by people and machines. If the number of entries in the global routing table is allowed to increase without bounds, core routers will be forced to drop routes and portions of the Internet will become unreachable.

The long-term solution to these problems can be found in the anticipated widespread deployment of IP Next Generation (IPng or IPv6). However, while the Internet community waits for IPng, IPv4 will need to be patched and modified so that the Internet can continue to provide the universal connectivity we have come to expect. This patching process may cause a tremendous amount of pain and may alter some of our fundamental concepts about the Internet.


The IP Address

Figure: two networks joined by a router. The 148.43.200.0 network contains hosts 148.43.200.2 and 148.43.200.3; the 148.43.201.0 network contains hosts 148.43.201.2 and 148.43.201.3.

• Each device must have a unique number to identify itself.
• Each number contains both the network and host information.
• Both the host and the network portions of an address are used to identify a computer's location.

IP addresses are actually assigned to device interfaces. If a device has multiple interfaces, then there must be an IP address allocated for each interface.


IP Address (1)

• Is made up of 4 octets.
• Each octet is 8 bits in length.
• Each IP address is 32 bits in length.

148.43.200.1 = 10010100.00101011.11001000.00000001


IP Address (2)

148      . 43       . 200      . 1
10010100 . 00101011 . 11001000 . 00000001

Dotted-Decimal Notation - To make Internet addresses easier for human users to read and write, IP addresses are often expressed as four decimal numbers, each separated by a dot. This format is called dotted-decimal notation. Dotted-decimal notation divides the 32-bit Internet address into four 8-bit (byte) fields and specifies the value of each field independently as a decimal number with the fields separated by dots.


Decimal to Binary Conversion (1)

• A decimal number can be represented by a group of binary 1s and 0s.
• Computers do not understand decimal numbers.
• They communicate in 1s and 0s, electrical highs and lows.

Decimal to Binary Conversion (2)

Binary 0 1 0 1 0 1 0 1 (written 01010101) is decimal 85.


Decimal to Binary Conversion (3): converting from binary to decimal

Value for each bit:  128  64  32  16   8   4   2   1

  1  1  1  1  1  1  1  1  = 128+64+32+16+8+4+2+1 = 255
  0  1  0  0  0  0  0  1  = 0+64+0+0+0+0+0+1 = 65

Decimal to Binary Conversion (4)

Bit values: 128 64 32 16 8 4 2 1
A decimal 1 is a binary 00000001 (0 0 0 0 0 0 0 1).


Decimal to Binary Conversion (5)

Bit values: 128 64 32 16 8 4 2 1
A decimal 7 is a binary 00000111 (4+2+1).

Decimal to Binary Conversion (6)

Bit values: 128 64 32 16 8 4 2 1
A decimal 67 is a binary 01000011 (64+2+1).

Decimal to Binary Conversion (7)

Bit values: 128 64 32 16 8 4 2 1
A decimal 220 is a binary 11011100 (128+64+16+8+4).


Practical Exercise 1: Decimal to Binary Conversion

Convert the following decimal numbers to binary:
1. 10 = _ _ _ _ _ _ _ _
2. 128 = _ _ _ _ _ _ _ _
3. 100 = _ _ _ _ _ _ _ _
4. 255 = _ _ _ _ _ _ _ _
5. 1 = _ _ _ _ _ _ _ _
6. 22 = _ _ _ _ _ _ _ _
7. 3 = _ _ _ _ _ _ _ _
8. 192 = _ _ _ _ _ _ _ _
9. 215 = _ _ _ _ _ _ _ _

Convert the following IP addresses to binary:
1. 10.1.1.0 = _ _ _ _ _ _ _ _ . _ _ _ _ _ _ _ _ . _ _ _ _ _ _ _ _ . _ _ _ _ _ _ _ _
2. 121.100.68.53 = _ _ _ _ _ _ _ _ . _ _ _ _ _ _ _ _ . _ _ _ _ _ _ _ _ . _ _ _ _ _ _ _ _
3. 148.43.200.254 = _ _ _ _ _ _ _ _ . _ _ _ _ _ _ _ _ . _ _ _ _ _ _ _ _ . _ _ _ _ _ _ _ _
4. 99.85.16.16 = _ _ _ _ _ _ _ _ . _ _ _ _ _ _ _ _ . _ _ _ _ _ _ _ _ . _ _ _ _ _ _ _ _
5. 220.198.55.71 = _ _ _ _ _ _ _ _ . _ _ _ _ _ _ _ _ . _ _ _ _ _ _ _ _ . _ _ _ _ _ _ _ _

Convert the following binary numbers to decimal:
1. 00000000 = ______
2. 10000000 = ______
3. 11000000 = ______
4. 11100000 = ______
5. 11110000 = ______
6. 11111000 = ______
7. 11111100 = ______
8. 11111110 = ______
9. 11111111 = ______


IP Addressing Terms

Network: a group of devices which share a range of IP addresses. Those addresses include a unique network address, a unique broadcast address, and other addresses assignable to host devices.

Host: any device on the network that is capable of receiving and transmitting IP packets, such as a workstation or a router. Each host must be supplied with a unique IP address.

Mask: a mask is applied to the address to define which portion of the address is network specific and which is host specific. The mask is 32 bits long and is a series of 1s followed by a series of 0s.

IP addressing is based on the concept of hosts and networks. A host is essentially anything on the network that is capable of receiving and transmitting IP packets, such as a workstation or a router. The hosts are connected together by one or more networks (segments). The IP address of any host consists of its network address and its own host address on the network. Routers deliver packets to networks, not hosts. A mask is used to determine the network and host portion of an IP address. When applied to an IP address, it quite simply defines a range of addresses. The mask determines which IP addresses reside on a given network or segment. The mask is written in the same dotted decimal notation format as the IP address but it is limited to contiguous binary variations, meaning it is a series of all ones, then all zeros. All ones in the first octet is the starting point:

11111111 00000000 00000000 00000000 or 255.0.0.0.


Classful IP Addressing

Figure: an address split into a Network Number ("what network are we in?") and a Host Number ("which user on that network are we?"). Example: network 148.43.0.0 /16, host 148.43.200.76.

Classful IP Addressing When IP was first standardized in September 1981, the specification required that each system attached to an IP-based internet be assigned a unique 32-bit Internet address value. Some systems, such as routers, which have interfaces to more than one network, must be assigned a unique IP address for each network interface. The first part of an Internet address identifies the network on which the host resides, while the second part identifies the particular host on the given network. This created the two-level addressing hierarchy.

Network-Prefix | Host-Number (also written Network-Number | Host-Number)

In recent years, the network-number field has been referred to as the network-prefix because the leading portion of each IP address identifies the network number. All hosts on a given network share the same network-prefix but must have a unique host-number. Similarly, any two hosts on different networks must have different network-prefixes but may have the same host-number.


Primary Address Classes

Figure: Class A addresses begin with the bit 0, Class B with the bits 1 0, and Class C with the bits 1 1 0; the shaded portion of each address is the network part and the rest is the host part.

Primary Address Classes

In order to provide the flexibility required to support different size networks, the designers decided that the IP address space should be divided into three different address classes: Class A, Class B, and Class C. This is often referred to as classful addressing because the address space is split into three predefined classes, groupings, or categories. Each class fixes the boundary between the network-prefix and the host-number at a different point within the 32-bit address. One of the fundamental features of classful IP addressing is that each address contains a self-encoding key that identifies the dividing point between the network-prefix and the host-number. For example, if the first two bits of an IP address are 1-0, the network-prefix is the first 16 bits, so the dividing point falls between bit 15 and bit 16 (counting from bit 0). This simplified the routing system during the early years of the Internet because the original routing protocols did not supply a deciphering key, or mask, with each route to identify the length of the network-prefix.


Class A (1 - 126) (/8 Prefixes)

First octet: 00000001 (1) through 01111110 (126)
Address range: 1.0.0.0 through 126.255.255.255
Network portion: first octet. Host portion: last three octets.
Mask: 11111111 00000000 00000000 00000000 = 255.0.0.0

Class A Networks (/8 Prefixes)

Each Class A network address has an 8-bit network-prefix with the highest order bit set to 0 and a seven-bit network number, followed by a 24-bit host-number. Today it is no longer considered "modern" to refer to a Class A network; Class A networks are now referred to as /8s (pronounced "slash eight" or just "eights") since they have an 8-bit network-prefix. A maximum of 126 (2^7 - 2) /8 networks can be defined. The calculation requires that 2 be subtracted because the /8 network 0.0.0.0 is reserved for use as the default route and the /8 network 127.0.0.0 (also written 127/8 or 127.0.0.0/8) has been reserved for the loopback function. Each /8 supports a maximum of 16,777,214 (2^24 - 2) hosts per network. The host calculation requires that 2 be subtracted because the all-0s (this network) and all-1s (broadcast) host-numbers may not be assigned to individual hosts. Since the /8 address block contains 2^31 (2,147,483,648) individual addresses and the IPv4 address space contains a maximum of 2^32 (4,294,967,296) addresses, the /8 address space is 50% of the total IPv4 unicast address space.


Class B (128 - 191) (/16 Prefixes)

First octet: 10000000 (128) through 10111111 (191)
Address range: 128.0.0.0 through 191.255.255.255
Network portion: first two octets. Host portion: last two octets.
Mask: 11111111 11111111 00000000 00000000 = 255.255.0.0

Class B Networks (/16 Prefixes)

Each Class B network address has a 16-bit network-prefix with the two highest order bits set to 10 and a 14-bit network number, followed by a 16-bit host-number. Class B networks are now referred to as /16s since they have a 16-bit network-prefix. A maximum of 16,384 (2^14) /16 networks can be defined with up to 65,534 (2^16 - 2) hosts per network. Since the entire /16 address block contains 2^30 (1,073,741,824) addresses, it represents 25% of the total IPv4 unicast address space.


Class C (192 - 223) (/24 Prefixes)

First octet: 11000000 (192) through 11011111 (223)
Address range: 192.0.0.0 through 223.255.255.255
Network portion: first three octets. Host portion: last octet.
Mask: 11111111 11111111 11111111 00000000 = 255.255.255.0

Class C Networks (/24 Prefixes)

Each Class C network address has a 24-bit network-prefix with the three highest order bits set to 110 and a 21-bit network number, followed by an 8-bit host-number. Class C networks are now referred to as /24s since they have a 24-bit network-prefix. A maximum of 2,097,152 (2^21) /24 networks can be defined with up to 254 (2^8 - 2) hosts per network. Since the entire /24 address block contains 2^29 (536,870,912) addresses, it represents 12.5% (or 1/8th) of the total IPv4 unicast address space.


Class D & E

Class D (IP Multicasting): leading bits 1110, first octet 224 - 239.
Class E (Experimental): leading bits 1111, first octet 240 - 254.

In addition to the three most popular classes, there are two additional classes. Class D addresses have their leading four-bits set to 1110 and are used to support IP Multicasting. Class E addresses have their leading four-bits set to 1111 and are reserved for experimental use.


IP Address Limitations

1. Early requirements were limited.

2. 32 bit address scheme only allows for 4,294,967,296 IPv4 available addresses.

3. Classful A, B and C octet boundaries were easy to allocate but lacked efficient allocation.

Unforeseen Limitations to Classful Addressing

The original designers never envisioned that the Internet would grow into what it has become today. Many of the problems that the Internet is facing today can be traced back to the early decisions that were made during its formative years. During the early days of the Internet, the seemingly unlimited address space allowed IP addresses to be allocated to an organization based on its request rather than its actual need. As a result, addresses were freely assigned to those who asked for them without concern about the eventual depletion of the IP address space. The decision to standardize a 32-bit address space meant that there were only 2^32 (4,294,967,296) IPv4 addresses available. A decision to support a slightly larger address space would have exponentially increased the number of addresses, thus eliminating the current address shortage problem.


The classful A, B, and C octet boundaries were easy to understand and implement, but they did not foster the efficient allocation of a finite address space. Problems resulted from the lack of a network class that was designed to support medium-sized organizations. A /24, which supports 254 hosts, is too small, while a /16, which supports 65,534 hosts, is too large. In the past, the Internet assigned sites with several hundred hosts a single /16 address instead of a couple of /24 addresses. Unfortunately, this has resulted in a premature depletion of the /16 network address space. The only readily available addresses for medium-size organizations are /24s, which have the potentially negative impact of increasing the size of the global Internet's routing table. The subsequent history of Internet addressing is focused on a series of steps that overcome these addressing issues and have supported the growth of the global Internet.

Practical Exercise 2: Classful IP Addressing

Identify the class of each address:
1. 121.100.15.1 __________
2. 10.110.1.1 __________
3. 148.43.200.3 __________
4. 127.0.0.1 __________
5. 220.10.10.99 __________

Page 189: Regional Hub Node - Noodlez.org Courses...the tactical and strategic networks. The ASA-5520 also provides IPS services using the Cisco AIP-SSM-10 module. For added redundancy in the

183

Subnet Masking (1)

In 1985, RFC 950 defined a standard procedure to support the division of single Class A, B and C network numbers into smaller pieces.

In 1985, RFC 950 defined a standard procedure to support the subnetting, or division, of a single Class A, B, or C network number into smaller pieces. Subnetting was introduced to overcome some of the problems that parts of the Internet were beginning to experience with the classful two-level addressing hierarchy:

1. Internet routing tables were beginning to grow.
2. Local administrators had to request another network number from the Internet before a new network could be installed at their site.

Both of these problems were attacked by adding another level of hierarchy to the IP addressing structure. Instead of the classful two-level hierarchy, subnetting supports a three-level hierarchy. The slide on page 23 illustrates the basic idea of subnetting, which is to divide the standard classful host-number field into two parts: the subnet-number and the host-number on that subnet.

Subnetting attacked the expanding routing table problem by ensuring that the subnet structure of a network is never visible outside of the organization's private network. The route from the Internet to any subnet of a given IP address is the same, no matter which subnet the destination host is on. This is because all subnets of a given network number use the same network-prefix but different subnet numbers. The routers within the private organization need to differentiate between the individual subnets, but as far as the Internet routers are concerned, all of the subnets in the organization are collected into a single routing table entry. This allows the local administrator to introduce arbitrary complexity into the private network without affecting the size of the Internet's routing tables.

Subnetting overcame the registered number issue by assigning each organization one (or at most a few) network number(s) from the IPv4 address space. The organization was then free to assign a distinct subnetwork number for each of its internal networks. This allows the organization to deploy additional subnets without needing to obtain a new network number from the Internet. The deployment of subnetting within the private network provides several benefits:

1. The size of the global Internet routing table does not grow because the site administrator does not need to obtain additional address space, and the routing advertisements for all of the subnets are combined into a single routing table entry.

2. The local administrator has the flexibility to deploy additional subnets without obtaining a new network number from the Internet.

3. Route flapping (i.e., the rapid changing of routes) within the private network does not affect the Internet routing table since Internet routers do not know about the reachability of the individual subnets – they just know about the reachability of the parent network number.


Two-Level Classful Hierarchy:  Network-Prefix | Host-Number

Three-Level Subnet Hierarchy:  Network-Prefix | Subnet-Number | Host-Number

Extended Network Prefix = Network-Prefix plus Subnet-Number

Subnet Masking (2)

Extended-Network-Prefix

The extended-network-prefix is composed of the classful network-prefix and the subnet-number.

• Internet routers use only the network-prefix of the destination address to route traffic to a subnetted environment.

• Routers within the subnetted environment use the extended-network-prefix to route traffic between the individual subnets.

The bits in the subnet mask and the Internet address have a one-to-one correspondence. The bits of the subnet mask are set to 1 if the system examining the address should treat the corresponding bit in the IP address as part of the extended-network-prefix. The bits in the mask are set to 0 if the system should treat the bit as part of the host-number.


Class A (Subnet Masking Example)

IP Address:  00000111.00000000.00000000.00000000  (7.0.0.0)
Subnet Mask: 11111111.11111111.00000000.00000000  (255.255.0.0)

Subnet Masking (3)

The extended-network-prefix has traditionally been identified by the subnet mask. For example, if you have the /8 address of 7.0.0.0 and you want to use the entire second octet to represent the subnet-number, you need to specify a subnet mask of 255.255.0.0. The bits in the subnet mask and the Internet address have a one-to-one correspondence. The bits of the subnet mask are set to 1 if the system examining the address should treat the corresponding bit in the IP address as part of the extended-network-prefix. The bits in the mask are set to 0 if the system should treat the bit as part of the host-number.


148.43.200.1

Address:       10010100.00101011.11001000.00000001  (148.43.200.1)
Classful mask: 11111111.11111111.00000000.00000000  (255.255.0.0)
Subnet mask:   11111111.11111111.11111111.00000000  (255.255.255.0)
Range:         148.43.200.0-255

Subnet Masking (4)

The IP address above, 148.43.200.1, could have only been a host in the 148.43.0.0 network during the classful IP addressing days. The mask for that network, or any Class B network, was 11111111.11111111.00000000.00000000 (255.255.0.0). In fact, the mask did not even have to be stated; the fact that the 148.43.0.0 address fell in the Class B range was enough to know. With the birth of subnetting, this IP address can have its network field extended by up to 16 bits. In the example above, the mask has been changed to 11111111.11111111.11111111.00000000, or 255.255.255.0. This reduced the size of the host field by 8 bits at the same time it extended the network field by 8 bits. The resulting network has a host field range of only 256 addresses, instead of the classful range of 65,536 addresses. Having 148 or any other number in the first octet no longer guarantees that the address is using a classful mask; the above IP is no longer necessarily using a Class B mask. Therefore, since subnetting came along, IP addresses must be configured with the mask information included, as in 148.43.200.1 255.255.255.0.


Subnet Masking (5)

148.43.200.1 255.255.255.0

Address: 10010100.00101011.11001000.00000001
Mask:    11111111.11111111.11111111.00000000  (Network | Host)
Result:  10010100.00101011.11001000.xxxxxxxx

• A bit-for-bit comparison is conducted between the address and the mask.
• The address bits that align with ones in the mask are considered network.
• The address bits that align with zeros in the mask are considered host.
• The point at which the mask changes from ones to zeros divides the address into network and host portions.

Subnet Masking (6)

148.43.200.1 255.255.255.0

Address: 10010100.00101011.11001000.00000001
Mask:    11111111.11111111.11111111.00000000  (Network | Host)
Range:   10010100.00101011.11001000.00000000 to 10010100.00101011.11001000.11111111
         148.43.200.0-255


Subnet Masking (7)

148.43.200.1 255.255.255.128

Address: 10010100.00101011.11001000.00000001
Mask:    11111111.11111111.11111111.10000000  (Network | Host)
Range:   10010100.00101011.11001000.00000000 to 10010100.00101011.11001000.01111111
         148.43.200.0-127

Subnet Masking (8)

148.43.200.1 255.255.255.192

Address: 10010100.00101011.11001000.00000001
Mask:    11111111.11111111.11111111.11000000  (Network | Host)
Range:   10010100.00101011.11001000.00000000 to 10010100.00101011.11001000.00111111
         148.43.200.0-63


Subnet Masking (9)

148.43.200.1 255.255.255.224

Address: 10010100.00101011.11001000.00000001
Mask:    11111111.11111111.11111111.11100000  (Network | Host)
Range:   10010100.00101011.11001000.00000000 to 10010100.00101011.11001000.00011111
         148.43.200.0-31

Subnet Masking (10)

148.43.200.1 255.255.255.240

Address: 10010100.00101011.11001000.00000001
Mask:    11111111.11111111.11111111.11110000  (Network | Host)
Range:   10010100.00101011.11001000.00000000 to 10010100.00101011.11001000.00001111
         148.43.200.0-15


Subnet Masking (11)

148.43.200.1 255.255.255.248

Address: 10010100.00101011.11001000.00000001
Mask:    11111111.11111111.11111111.11111000  (Network | Host)
Range:   10010100.00101011.11001000.00000000 to 10010100.00101011.11001000.00000111
         148.43.200.0-7


Available Hosts in Network

148.43.200.0 255.255.255.240

148.43.200.0                    Network Address
148.43.200.1 to 148.43.200.14   Hosts
148.43.200.15                   Broadcast Address

Defining Network, Host and Broadcast Addresses

According to Internet practices, the host-number field of an IP address cannot contain all 0-bits or all 1-bits. The all-0s host-number identifies the base network (or sub-network) number, while the all-1s host-number represents the broadcast address for the network (or sub-network). In the above example, there are 4 bits in the host-number field of each subnet address. This means that each subnet represents a block of 16 host addresses (2^4 - 2 = 14 usable; note that the 2 is subtracted because the all-0s and the all-1s host addresses cannot be used). The hosts on this subnet are numbered 1 through 14.
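The mask arithmetic the slides above walk through, written out as a runnable Python example added here (it is not part of the course material): subnet_info does the bit-for-bit AND between address and mask that the text describes, applies the all-0s/all-1s rule to count usable hosts, and classful_info supplies the classful mask asked for in Practical Exercises 2 and 3. The function names and the addresses in the demo are my own choices; the standard library ipaddress module is used only to cross-check the hand-rolled result.

```python
# Added example (not part of the course text): bit-for-bit subnet-mask arithmetic
# matching the slides above, plus the classful lookup used in Practical Exercise 2.
import ipaddress  # standard library; used only to cross-check the hand-rolled maths


def ip_to_int(dotted: str) -> int:
    """Convert a dotted-decimal address to a 32-bit integer, validating each octet."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError(f"not a dotted quad: {dotted!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {dotted!r}")
        value = (value << 8) | n
    return value


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(dotted: str) -> str:
    """Dotted-binary form, e.g. 10010100.00101011.11001000.00000001."""
    value = ip_to_int(dotted)
    return ".".join(f"{(value >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))


def classful_info(dotted: str):
    """Return (class letter, classful prefix length) decided by the first octet alone."""
    first = ip_to_int(dotted) >> 24
    if first < 128:
        return "A", 8          # 0xxxxxxx (includes the 127.x.x.x loopback block)
    if first < 192:
        return "B", 16         # 10xxxxxx
    if first < 224:
        return "C", 24         # 110xxxxx
    if first < 240:
        return "D", None       # 1110xxxx multicast: no network/host split
    return "E", None           # 1111xxxx reserved


def prefix_to_mask(prefix: int) -> int:
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def subnet_info(cidr: str) -> dict:
    """Network, broadcast and usable host range for 'a.b.c.d/n'."""
    dotted, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    addr = ip_to_int(dotted)
    mask = prefix_to_mask(prefix)
    network = addr & mask                        # address bits under the mask's 1s
    broadcast = network | (~mask & 0xFFFFFFFF)   # host field set to all 1s
    host_bits = 32 - prefix
    # Classical rule from the text: all-0s and all-1s host numbers are reserved,
    # so 2^h - 2 usable hosts; a /31 or /32 therefore has none under this rule.
    usable = max(2 ** host_bits - 2, 0)
    cls, classful_prefix = classful_info(dotted)
    return {
        "class": cls,
        "classful_mask": None if classful_prefix is None else int_to_ip(prefix_to_mask(classful_prefix)),
        "subnet_mask": int_to_ip(mask),
        "network": int_to_ip(network),
        "broadcast": int_to_ip(broadcast),
        "first_host": int_to_ip(network + 1) if usable else None,
        "last_host": int_to_ip(broadcast - 1) if usable else None,
        "usable_hosts": usable,
    }


def cross_check(cidr: str) -> bool:
    """Does the hand-rolled result agree with the standard library?"""
    info = subnet_info(cidr)
    net = ipaddress.ip_network(cidr, strict=False)
    return (info["network"] == str(net.network_address)
            and info["broadcast"] == str(net.broadcast_address)
            and info["subnet_mask"] == str(net.netmask))


if __name__ == "__main__":
    # Sample inputs chosen by me to mirror the slides (not answers to the exercises).
    for cidr in ("148.43.200.1/24", "148.43.200.1/28", "7.0.0.0/16", "220.0.0.1/31"):
        dotted = cidr.split("/")[0]
        print(cidr, to_binary(dotted), subnet_info(cidr), "ok" if cross_check(cidr) else "MISMATCH")
```

One caveat worth keeping in mind when you work the /31 item in Practical Exercise 3: under the all-0s/all-1s rule stated above, a /31 yields zero usable hosts, which is exactly what subnet_info reports. The later RFC 3021 convention of numbering point-to-point links with /31 is an exception to that rule that this course does not cover.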


Network Address

• The network address is used by routers to identify and route packets to the correct destination.
• The network address can be identified by having all 0s in the host field.
• The network address cannot be assigned to a computer or host.

Network Address Examples:
148.43.200.0    255.255.255.0
148.43.200.128  255.255.255.128
148.43.200.64   255.255.255.192
148.43.200.96   255.255.255.224

Broadcast Address

• The broadcast address is used by routers and hosts to send packets to all computers on a network at one time.
• The broadcast address can be identified by having all 1s in the host field.
• The broadcast address cannot be assigned to a computer or host.

Broadcast Address Examples:
148.43.200.255  255.255.255.0
148.43.200.127  255.255.255.128
148.43.200.63   255.255.255.192
148.43.200.95   255.255.255.224


Available Network Hosts (1)

Sample host address from the network: 148.43.200.69 255.255.255.240

148.43.200.64                    Network Address
148.43.200.65 to 148.43.200.78   Hosts
148.43.200.79                    Broadcast Address

Available Network Hosts (2)

Sample host address from the network: 148.43.200.130 255.255.255.252

148.43.200.128                     Network Address
148.43.200.129 to 148.43.200.130   Hosts
148.43.200.131                     Broadcast Address


Longer Mask? Smaller Network!

Class B Networks (the 256 /16 mask networks that begin with 148):
148.0.0.0, 148.1.0.0, 148.2.0.0, ... 148.42.0.0, 148.43.0.0, 148.44.0.0, ... 148.255.0.0

/24 Mask Subnets of 148.43.0.0 (the 256 /24 mask networks that begin with 148.43):
148.43.0.0, 148.43.1.0, 148.43.2.0, ... 148.43.199.0, 148.43.200.0, 148.43.201.0, ... 148.43.255.0

148.43.200.0 255.255.255.0: total IP range is .0 to .255 for /24 (256 IPs). This is one of the /24 subnets. It can be further subnetted in various sizes, shown as slices of a pie:
/25  148.43.200.0 (N) to 148.43.200.127 (B)
/26  148.43.200.128 (N) to 148.43.200.191 (B)
/27  148.43.200.192 (N) to 148.43.200.223 (B)

In the graphic above, the classful Class B networks that begin with 148, with masks of 255.255.0.0 (or /16 in slash notation), are shown on the left, with the 256 possible values for the second octet: 148.0.0.0, 148.1.0.0, 148.2.0.0, etc., extending all the way to 148.255.0.0. One of the /16 networks, 148.43.0.0, is shown extracted and broken down into its 256 possible /24 subnets: 148.43.0.0, 148.43.1.0, 148.43.2.0, etc., extending to 148.43.255.0. The 256 possible values of the third octet are the result of all the possible combinations of the 8-bit binary number that makes up that octet. Notice that as the mask is extended to the right, as 255.255.0.0 (binary 11111111.11111111.00000000.00000000) becomes 255.255.255.0 (binary 11111111.11111111.11111111.00000000), the resulting size of the sub-networks gets smaller. There are 65,536 IP addresses that begin with 148.43; there are only 256 IP addresses that begin with 148.43.200.


One of the /24 networks, 148.43.200.0, is shown extracted to the right, pictured as a circle (the pie) with some of the possible values for the last octet, .0 to .255, shown in a clockwise direction around the perimeter of the circle: .0 is at 12 o'clock, .128 is at 6 o'clock, and so on. The slices represented are:

• a /25 network from 148.43.200.0 to 148.43.200.127,
• a /26 network from 148.43.200.128 to 148.43.200.191,
• and a /27 network from 148.43.200.192 to 148.43.200.223.

As your network's mask gets longer, your slice of the pie gets smaller.


Practical Exercise 3: IP Subnet Masking

1. IP Address 10.0.0.1/16
   Classful Mask: ____________________________
   Subnet Mask: ____________________________
   Network Address: ____________________________
   Broadcast Address: ____________________________
   Available Addresses: _______________ _____________

2. IP Address 131.29.1.5/24
   Classful Mask: ____________________________
   Subnet Mask: ____________________________
   Network Address: ____________________________
   Broadcast Address: ____________________________
   Available Addresses: _______________ _____________

3. IP Address 148.43.200.128/25
   Classful Mask: ____________________________
   Subnet Mask: ____________________________
   Network Address: ____________________________
   Broadcast Address: ____________________________
   Available Addresses: _______________ _____________

4. IP Address 25.205.120.6/9
   Classful Mask: ____________________________
   Subnet Mask: ____________________________
   Network Address: ____________________________
   Broadcast Address: ____________________________
   Available Addresses: _______________ _____________

5. IP Address 128.1.0.0/10
   Classful Mask: ____________________________
   Subnet Mask: ____________________________
   Network Address: ____________________________
   Broadcast Address: ____________________________
   Available Addresses: _______________ _____________

6. IP Address 148.43.200.16/30
   Classful Mask: ____________________________
   Subnet Mask: ____________________________
   Network Address: ____________________________
   Broadcast Address: ____________________________
   Available Addresses: _______________ _____________

7. IP Address 220.0.0.1/31
   Classful Mask: ____________________________
   Subnet Mask: ____________________________
   Network Address: ____________________________
   Broadcast Address: ____________________________
   Available Addresses: _______________ _____________


8. IP Address 55.15.3.9/27
   Classful Mask: ____________________________
   Subnet Mask: ____________________________
   Network Address: ____________________________
   Broadcast Address: ____________________________
   Available Addresses: _______________ _____________

9. IP Address 148.43.200.12/29
   Classful Mask: ____________________________
   Subnet Mask: ____________________________
   Network Address: ____________________________
   Broadcast Address: ____________________________
   Available Addresses: _______________ _____________

10. IP Address 125.25.20.6/22
   Classful Mask: ____________________________
   Subnet Mask: ____________________________
   Network Address: ____________________________
   Broadcast Address: ____________________________
   Available Addresses: _______________ _____________

11. IP Address 18.121.10.0/14
   Classful Mask: ____________________________
   Subnet Mask: ____________________________
   Network Address: ____________________________
   Broadcast Address: ____________________________
   Available Addresses: _______________ _____________

12. IP Address 148.43.200.193/28
   Classful Mask: ____________________________
   Subnet Mask: ____________________________
   Network Address: ____________________________
   Broadcast Address: ____________________________
   Available Addresses: _______________ _____________


Network Topology (1)

148.43.201.128/25  255.255.255.128
148.43.200.64/26   255.255.255.192
148.43.200.0/30    255.255.255.252

Design Considerations

The deployment of an addressing plan requires careful thought on the part of the network administrator. Four key questions must be answered before any design should be undertaken:

1. How many total subnets does the organization need today?
2. How many total subnets will the organization need in the future?
3. How many hosts are there on the organization's largest subnet today?
4. How many hosts will there be on the organization's largest subnet in the future?

The first step in the planning process is to take the maximum number of subnets required and round up to the nearest power of two. For example, if an organization needs 9 subnets, 2^3 (or 8) will not provide enough subnet addressing space, so the network administrator will need to round up to 2^4 (or 16). When performing this assessment, it is critical that the network administrator always allow adequate room for future growth. For example, if 14 subnets are required today, then 16 subnets might not be enough in two years when the 17th subnet needs to be deployed. In this case, it might be wise to allow for more growth and select 2^5 (or 32) as the maximum number of subnets.


For the military, these considerations would come into play as a parent organization, such as a corps or division, allocates blocks of IP addresses to its subordinate organizations. A corps may need to divide its total IP addresses among four divisions. Division planners may need to divide their address space among six brigades, etc. Once these organizations receive their subnetted IP address allocation from the parent organization, they must make sure that there are enough host addresses for the organization's largest subnet. If the largest subnet needs to support 50 host addresses today, 2^5 (or 32) will not provide enough host address space, so the network administrator will need to round up to 2^6 (or 64).

Network designers must ensure that the organization's address allocation provides enough bits to deploy the required subnet-addressing plan. For example, if the organization has a single /16, it could easily deploy 4 bits for the subnet-number (creating the possibility of sixteen /20 subnets of that /16), and 6 bits for the host number (creating sixty-four /26s from each /20). However, if the organization owns several /24 networks and it needs to deploy 9 subnets, it may be required to subnet each of its /24s into four subnets (using 2 bits) and then build its internetwork by combining the subnets of 3 different /24 network numbers. An alternative solution would be to deploy network numbers from the private address space (RFC 1918) for internal connectivity and use a Network Address Translator (NAT) to provide external Internet access.

The IP allocation exercises, which follow, assume that we have gathered user requirements for an overall topology, and determined that we will need to support a varying number of users at a number of different locations. We have been given an appropriate block of IP addresses to support those requirements, and must further subnet our network in order to create a workable subnet at each user location. In the exercises, NAT will not be needed.


Network Topology (2)

Allocate an IP address scheme to fulfill user requirements.

Routers: R1, R2, R3, R4
Segment requirements: 115 hosts, 6 hosts, 12 hosts

________________________________________________________________________
________________________________________________________________________
________________________________________________________________________


Network Topology (3)

Allocate an IP address scheme to fulfill user requirements.

Routers: R1, R2, R3, R4, R5, R6, R7, R8
Segment requirements: 4 hosts, 55 hosts, 11 hosts, 110 hosts, 110 hosts, 11 hosts, 4 hosts, 55 hosts

________________________________________________________________________
________________________________________________________________________
________________________________________________________________________


Variable Length Subnet Mask (1)

In 1987, RFC 1009 specified how a subnetted network is assigned more than one subnet mask. It is considered a network with "variable length subnet masks" since the extended network prefixes have different lengths.

Figure: an original /24 network divided into /25, /26 and /27 subnets.

Variable Length Subnet Masks (VLSM)

In 1987, RFC 1009 specified how a subnetted network could use more than one subnet mask. When an IP network is assigned more than one subnet mask, it is considered a network with variable length subnet masks since the extended-network-prefixes have different lengths. VLSM supports more efficient use of an organization's assigned IP address space. One of the major problems with the earlier limitation of supporting only a single subnet mask across a given network-prefix was that once the mask was selected, it locked the organization into a fixed number of fixed-size subnets.

Route Aggregation

VLSM also allows the recursive division of an organization's address space so that it can be reassembled and aggregated to reduce the amount of routing information at the top level. Conceptually, a network is first divided into subnets, some of the subnets are further divided into sub-subnets, and some of the sub-subnets are divided into sub-sub-subnets. This allows the detailed structure of routing information for one subnet group to be hidden from routers in another subnet group.
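An added Python example (not the course's own material) that applies the round-up-to-a-power-of-two rule from the Design Considerations above together with the recursive division just described: it carves one parent block into subnets sized for each segment, largest first so every subnet starts on its own boundary, and then checks that the pieces aggregate back to a single summary route. The segment names, the parent block 148.43.200.0/24 and the two /30 router links in the demo are my assumptions; the LAN sizes are taken from the Network Topology (2) exercise.

```python
# Added example (not course code): a VLSM allocator that carves one parent block
# into right-sized subnets and confirms they re-aggregate to a single summary.
import math


def ip_to_int(dotted: str) -> int:
    return int.from_bytes(bytes(int(o) for o in dotted.split(".")), "big")


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def prefix_mask(prefix: int) -> int:
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def prefix_for_hosts(hosts: int) -> int:
    """Longest prefix whose host field still holds `hosts` usable addresses.
    Classical rule: 2^h - 2 usable, since all-0s and all-1s host numbers are reserved."""
    if hosts < 1:
        raise ValueError("a subnet needs at least one host")
    host_bits = max(2, math.ceil(math.log2(hosts + 2)))   # round up to a power of two
    return 32 - host_bits


def subnet_bits_for(subnet_count: int) -> int:
    """Subnet-number bits needed for `subnet_count` subnets (rounded up to 2^n)."""
    if subnet_count < 1:
        raise ValueError("need at least one subnet")
    return math.ceil(math.log2(subnet_count))


def allocate(parent: str, requirements: dict) -> list:
    """Place each named segment inside `parent` ('a.b.c.d/n').
    Largest segments go first: every later block size divides the earlier ones,
    so the running cursor always lands on a boundary aligned to the next block."""
    base, plen = parent.split("/")
    plen = int(plen)
    start = ip_to_int(base) & prefix_mask(plen)
    end = start + 2 ** (32 - plen)
    cursor = start
    plan = []
    for name, hosts in sorted(requirements.items(), key=lambda kv: -kv[1]):
        prefix = prefix_for_hosts(hosts)
        size = 2 ** (32 - prefix)
        if cursor + size > end:
            raise ValueError(f"{parent} exhausted while placing {name} ({hosts} hosts)")
        plan.append({
            "segment": name,
            "hosts": hosts,
            "network": f"{int_to_ip(cursor)}/{prefix}",
            "mask": int_to_ip(prefix_mask(prefix)),
            "broadcast": int_to_ip(cursor + size - 1),
            "usable": size - 2,
        })
        cursor += size
    return plan


def aggregates_to(plan: list, summary: str) -> bool:
    """True when every allocated subnet falls inside `summary`, i.e. the backbone
    can carry one route for the whole site instead of one per leaf subnet."""
    base, plen = summary.split("/")
    mask = prefix_mask(int(plen))
    target = ip_to_int(base) & mask
    return all(ip_to_int(p["network"].split("/")[0]) & mask == target for p in plan)


if __name__ == "__main__":
    # Constructed requirements modelled on the Network Topology (2) exercise
    # (LAN sizes from the slide; the two /30 router links are an assumption).
    demo = {"LAN-A": 115, "LAN-B": 12, "LAN-C": 6, "R1-R2 link": 2, "R2-R3 link": 2}
    plan = allocate("148.43.200.0/24", demo)
    for entry in plan:
        print(entry)
    print("summarises to 148.43.200.0/24:", aggregates_to(plan, "148.43.200.0/24"))
```

The largest-first ordering is what makes the simple running cursor safe: block sizes are powers of two placed in non-increasing order, so each new block begins on a multiple of its own size without any explicit alignment step. Swap the order and a /25 placed after a /30 would straddle a boundary, which is the classic VLSM planning mistake.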


VLSM Design Considerations

When developing a VLSM design, the network designer must recursively ask the same set of questions as for a traditional subnet design. The same set of design decisions must be made at each level of the hierarchy:

1. How many total subnets does this level need today?
2. How many total subnets will this level need in the future?
3. How many hosts are there on this level's largest subnet today?
4. How many hosts will there be on this level's largest subnet in the future?

At each level, the design team must make sure that they have enough extra bits to support the required number of sub-entities in the next and further levels of recursion. Assume that a network is spread out over a number of sites. For example, if an organization has three campuses today, it probably needs 3 bits of subnetting (2^3 = 8) to allow the addition of more campuses in the future. Now, within each campus, there is likely to be a secondary level of subnetting to identify each building. Finally, within each building, a third level of subnetting might identify each of the individual workgroups. Following this hierarchical model, the top level is determined by the number of campuses, the mid-level is based on the number of buildings at each site, and the lowest level is determined by the maximum number of subnets and the maximum number of users per subnet in each building.

The deployment of a hierarchical subnetting scheme requires careful planning. It is essential that the network designers recursively work their way down through their addressing plan until they get to the bottom level. At the bottom level, they must make sure that the leaf subnets are large enough to support the required number of hosts. When the addressing plan is deployed, the addresses from each site will be aggregated into a single address block that keeps the backbone routing tables from becoming too large.

Requirements for the Deployment of VLSM

The successful deployment of VLSM has three prerequisites:

1. The routing protocols must carry extended-network-prefix information with each route advertisement.

2. All routers must implement a consistent forwarding algorithm based on the "longest match".

3. For route aggregation to occur, addresses must be assigned so that they have topological significance.

Modern routing protocols, such as OSPF and EIGRP, enable the deployment of VLSM by providing the extended-network-prefix length or mask value along with each route advertisement. This permits each subnetwork to be advertised with its corresponding prefix length or mask. If the routing protocols did not carry prefix information, a router would have to either assume that the locally configured prefix length should be applied, or perform a look-up in a statically configured prefix table that contains all of the required masking information. The first alternative cannot guarantee that the correct prefix is applied, and static tables do not scale since they are difficult to maintain and subject to human error. The bottom line is that if you want to deploy VLSM in a complex topology, you must select OSPF or I-IS-IS as the Interior Gateway Protocol (IGP) rather than RIP-1! It should be mentioned that RIP-2, defined in RFC 1388, improves the RIP protocol by allowing it to carry extended-network-prefix information. Therefore, RIP-2 supports the deployment of VLSM.

Forwarding Algorithm Based on the "Longest Match"

All routers must implement a consistent forwarding algorithm based on the "longest match" algorithm. The deployment of VLSM means that the set of networks associated with extended-network-prefixes may manifest a subset relationship. A route with a longer extended-network-prefix describes a smaller set of destinations than the same route with a shorter extended-network-prefix. As a result, a route with a longer extended-network-prefix is said to be "more specific" while a route with a shorter extended-network-prefix is said to be "less specific". Routers must use the route with the longest matching extended-network-prefix (the most specific matching route) when forwarding traffic.
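The longest-match rule, as an added Python example that is not part of the course: a small routing table holding the four prefixes from the Variable Length Subnet Mask (2) slide plus a /24 site summary and a default route, and a second method that reproduces the ambiguity the paragraph above warns about when a router discards the advertised prefix lengths and applies one locally assumed mask to every route. The interface and next-hop names are constructed for the demo.

```python
# Added example (not course code): the "longest match" forwarding decision over a
# VLSM table, and what goes wrong when a router applies one assumed mask instead.
from collections import namedtuple

Route = namedtuple("Route", "network prefix mask next_hop cidr")


def ip_to_int(dotted: str) -> int:
    return int.from_bytes(bytes(int(o) for o in dotted.split(".")), "big")


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def prefix_mask(prefix: int) -> int:
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


class RoutingTable:
    def __init__(self):
        self.routes = []

    def add(self, cidr: str, next_hop: str) -> None:
        base, plen = cidr.split("/")
        prefix = int(plen)
        mask = prefix_mask(prefix)
        network = ip_to_int(base) & mask
        self.routes.append(Route(network, prefix, mask, next_hop, cidr))

    def lookup(self, destination: str):
        """Return the most specific (longest-prefix) route covering `destination`,
        or None when nothing matches (no default route installed)."""
        dest = ip_to_int(destination)
        best = None
        for route in self.routes:
            if dest & route.mask == route.network and (best is None or route.prefix > best.prefix):
                best = route
        return best

    def collisions_if_mask(self, assumed_prefix: int) -> dict:
        """Simulate a router that ignores advertised prefix lengths and applies one
        locally configured mask to every route: distinct VLSM prefixes that collapse
        onto the same network become indistinguishable, so forwarding is ambiguous."""
        mask = prefix_mask(assumed_prefix)
        buckets = {}
        for route in self.routes:
            key = f"{int_to_ip(route.network & mask)}/{assumed_prefix}"
            buckets.setdefault(key, []).append(route.cidr)
        return {k: v for k, v in buckets.items() if len(v) > 1}


def build_demo_table() -> RoutingTable:
    """Constructed table: prefixes from the VLSM slide; next-hop names are assumptions."""
    table = RoutingTable()
    table.add("148.43.200.0/30", "Serial0")
    table.add("148.43.200.4/30", "Serial1")
    table.add("148.43.200.128/26", "Ethernet0")
    table.add("148.43.200.192/27", "Ethernet1")
    table.add("148.43.200.0/24", "hub-router")     # site summary, less specific
    table.add("0.0.0.0/0", "isp-gateway")          # default route, least specific
    return table


if __name__ == "__main__":
    table = build_demo_table()
    for dst in ("148.43.200.130", "148.43.200.5", "148.43.200.70", "10.1.1.1"):
        hit = table.lookup(dst)
        print(f"{dst:16} -> {hit.cidr:20} via {hit.next_hop}")
    print("ambiguous if every route is read with a /26 mask:", table.collisions_if_mask(26))
```

Note that 148.43.200.70 is covered only by the /24 summary: none of the longer prefixes contain it, so the less specific route is the correct answer, not a fallback. The collisions_if_mask(26) result shows the two /30 link routes and the /24 summary all folding into 148.43.200.0/26, which is precisely why the text insists on an IGP that carries the prefix length with every advertisement.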

Variable Length Subnet Mask (2)

[Figure: a router whose interfaces are assigned the subnets 148.43.200.0/30, 148.43.200.4/30, 148.43.200.128/26 and 148.43.200.192/27.]

Different interfaces on a router must be assigned different subnets, each with its own network number, broadcast address and range of available hosts.


Classless Inter-Domain Routing (CIDR)

CIDR eliminates the traditional concept of Class A, Class B, and Class C network addresses.

CIDR supports route aggregation where a single routing table entry can represent the address space of perhaps thousands of traditional classful routes.

Classless Inter-Domain Routing (CIDR)

By 1992, the exponential growth of the Internet was beginning to raise serious concerns among members of the IETF about the ability of the Internet's routing system to scale and support future growth. These problems were related to:

• The near-term exhaustion of the Class B network address space.
• The rapid growth in the size of the global Internet's routing tables.
• The eventual exhaustion of the 32-bit IPv4 address space.

Projected Internet growth figures made it clear that the first two problems were likely to become critical by 1994 or 1995. The response to these immediate challenges was the development of the concept of Supernetting or Classless Inter-Domain Routing (CIDR). The third problem, which is of a more long-term nature, is currently being explored by the IP Next Generation (IPng or IPv6) working group of the IETF. CIDR was officially documented in September 1993 in RFC 1517, 1518, 1519, and 1520. CIDR supports two important features that benefit the global Internet routing system:


1. CIDR eliminates the traditional concept of Class A, Class B, and Class C network addresses. This enables the efficient allocation of the IPv4 address space, which will allow the continued growth of the Internet until IPv6 is deployed.

2. CIDR supports route aggregation where a single routing table entry can represent the address space of perhaps thousands of traditional classful routes. This allows a single routing table entry to specify how to route traffic to many individual network addresses. Route aggregation helps control the amount of routing information in the Internet's backbone routers, reduces route flapping (rapid changes in route availability), and eases the local administrative burden of updating external routing information.

Without the rapid deployment of CIDR in 1994 and 1995, the Internet routing tables would have in excess of 70,000 routes (instead of the current 30,000+) and the Internet would probably not be functioning today!

CIDR eliminates the traditional concept of Class A, Class B, and Class C network addresses and replaces them with the generalized concept of a network-prefix. Routers use the network-prefix, rather than the first 3 bits of the IP address, to determine the dividing point between the network number and the host number. As a result, CIDR supports the deployment of arbitrarily sized networks rather than the standard 8-bit, 16-bit, or 24-bit network numbers associated with classful addressing.

In the CIDR model, each piece of routing information is advertised with a bit mask (or prefix-length). The prefix-length is a way of specifying the number of leftmost contiguous bits in the network-portion of each routing table entry. For example, a network with 20 bits of network-number and 12 bits of host-number would be advertised with a 20-bit prefix length (a /20). The clever thing is that the IP address advertised with the /20 prefix could be a former Class A, Class B, or Class C. Routers that support CIDR do not make assumptions based on the first 3 bits of the address; they rely on the prefix-length information provided with the route.

In a classless environment, prefixes are viewed as bitwise contiguous blocks of the IP address space. For example, all prefixes with a /20 prefix represent the same amount of address space (2^12 or 4,096 host addresses). Furthermore, a /20 prefix can be assigned to a traditional Class A, Class B, or Class C network number. Figure 27 shows how each of the following /20 blocks represents 4,096 host addresses: 10.23.64.0/20, 130.5.0.0/20, and 200.7.128.0/20.


CIDR is Similar to VLSM

If CIDR appears to have the familiar look and feel of VLSM, you are correct! CIDR and VLSM are essentially the same thing since they both allow a portion of the IP address space to be recursively divided into subsequently smaller pieces. The difference is that with VLSM, the recursion is performed on the address space previously assigned to an organization and is invisible to the global Internet. CIDR, on the other hand, permits the recursive allocation of an address block by an Internet Registry to a high-level ISP, to a mid-level ISP, to a low-level ISP, and finally to a private organization's network. Just like VLSM, the successful deployment of CIDR has three prerequisites:

1. The routing protocols must carry network-prefix information with each route advertisement.

2. All routers must implement a consistent forwarding algorithm based on the "longest match".

3. For route aggregation to occur, addresses must be assigned so that they are topologically significant.

Another important benefit of CIDR is that it plays an important role in controlling the growth of the Internet's routing tables. The reduction of routing information requires that the Internet be divided into addressing domains. Within a domain, detailed information is available about all of the networks that reside in the domain. Outside of an addressing domain, only the common network prefix is advertised. This allows a single routing table entry to specify a route to many individual network addresses.


(CIDR)

[Figure: router R1 connected to the Internet. Networks supported by R1: 192.10.0.0/24, 192.10.1.0/24, 192.10.2.0/24, 192.10.3.0/24, 192.10.4.0/24, 192.10.5.0/24, 192.10.6.0/24 ... 192.10.63.0/24.]

CIDR allows these 64 networks to be sent to the Internet by R1 as one advertisement. This is also known as supernetting, as opposed to subnetting.

In the above diagram, R1 supports class C networks 192.10.0.0 through 192.10.63.0. It must advertise these to the Internet. Prior to CIDR being developed, it would have to advertise the 64 networks separately. Even though mathematically it would be possible to aggregate or summarize these into one statement, the subnetting rules in force at the time made it illegal to cross classful boundaries when subnetting or summarizing. With the advent of CIDR, it became legal to cross classful boundaries when summarizing, so the 64 separate networks could be advertised in one statement. This in turn uses less network bandwidth and fewer router resources than processing the multiple updates.

How much shorter would the mask have to be in order to advertise 64 subnets as one? Hint: increasing the mask by one network bit cuts the size of the network in half. Conversely, decreasing the mask by one network bit doubles the size of the network.

When route summarization was first developed, summarizations could not cross classful boundaries. For example, the 64 /24 networks above, from 192.10.0.0 to 192.10.63.0, could not be summarized because they would traditionally be considered Class C networks. For the purposes of route summarization, CIDR says you can cross classful boundaries.
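As an added example (not part of the course material), the following Python uses the standard ipaddress module to show both rules from the VLSM and CIDR text: the "longest match" lookup over the 148.43.200.x subnets drawn on the VLSM slide, and the supernetting of R1's 64 class C networks into one advertisement. The /24, /16 and default covering routes and the next-hop names are assumptions added so that one destination matches several table entries.

```python
import ipaddress

# Constructed routing table. The /30, /26 and /27 prefixes are the ones on the
# VLSM slide; the /24, /16 and default routes and the next-hop names are
# assumptions added so that one destination matches several entries.
ROUTES = {
    "0.0.0.0/0":         "default to Internet",
    "148.43.0.0/16":     "hub core",
    "148.43.200.0/24":   "hub LAN aggregate",
    "148.43.200.0/30":   "Serial0",
    "148.43.200.4/30":   "Serial1",
    "148.43.200.128/26": "FastEthernet0/0",
    "148.43.200.192/27": "FastEthernet0/1",
}


def longest_match(routes, destination):
    """Return (prefix, next_hop) for the most specific route containing destination.

    Every prefix that contains the address is a candidate; the one with the
    longest prefix length (the smallest set of destinations) wins. This is the
    consistent forwarding rule every VLSM/CIDR router has to implement.
    """
    dst = ipaddress.ip_address(destination)
    best_net, best_hop = None, None
    for prefix, next_hop in routes.items():
        net = ipaddress.ip_network(prefix)
        if dst in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_hop = net, next_hop
    if best_net is None:
        return None
    return str(best_net), best_hop


def supernet_for(prefixes):
    """Return the single shortest-prefix block that covers every prefix given.

    Starting from the first network, the prefix is shortened one bit at a time
    (each step doubles the block) until all the others fall inside it. Nothing
    stops the result from crossing the old classful /24 boundary, which is what
    CIDR made legal for route summarization.
    """
    nets = [ipaddress.ip_network(p) for p in prefixes]
    block = nets[0]
    while not all(n.subnet_of(block) for n in nets):
        block = block.supernet()  # one network bit shorter
    return str(block)


if __name__ == "__main__":
    for dst in ("148.43.200.6", "148.43.200.130", "148.43.200.200",
                "148.43.200.10", "148.43.1.1", "8.8.8.8"):
        print(dst, "->", longest_match(ROUTES, dst))
    r1_networks = [f"192.10.{third}.0/24" for third in range(64)]
    print(len(r1_networks), "networks advertised as", supernet_for(r1_networks))
```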


DECIMAL TO BINARY CONVERSION

 0 00000000    50 00110010   100 01100100
 1 00000001    51 00110011   101 01100101
 2 00000010    52 00110100   102 01100110
 3 00000011    53 00110101   103 01100111
 4 00000100    54 00110110   104 01101000
 5 00000101    55 00110111   105 01101001
 6 00000110    56 00111000   106 01101010
 7 00000111    57 00111001   107 01101011
 8 00001000    58 00111010   108 01101100
 9 00001001    59 00111011   109 01101101
10 00001010    60 00111100   110 01101110
11 00001011    61 00111101   111 01101111
12 00001100    62 00111110   112 01110000
13 00001101    63 00111111   113 01110001
14 00001110    64 01000000   114 01110010
15 00001111    65 01000001   115 01110011
16 00010000    66 01000010   116 01110100
17 00010001    67 01000011   117 01110101
18 00010010    68 01000100   118 01110110
19 00010011    69 01000101   119 01110111
20 00010100    70 01000110   120 01111000
21 00010101    71 01000111   121 01111001
22 00010110    72 01001000   122 01111010
23 00010111    73 01001001   123 01111011
24 00011000    74 01001010   124 01111100
25 00011001    75 01001011   125 01111101
26 00011010    76 01001100   126 01111110
27 00011011    77 01001101   127 01111111
28 00011100    78 01001110   128 10000000
29 00011101    79 01001111   129 10000001
30 00011110    80 01010000   130 10000010
31 00011111    81 01010001   131 10000011
32 00100000    82 01010010   132 10000100
33 00100001    83 01010011   133 10000101
34 00100010    84 01010100   134 10000110
35 00100011    85 01010101   135 10000111
36 00100100    86 01010110   136 10001000
37 00100101    87 01010111   137 10001001
38 00100110    88 01011000   138 10001010
39 00100111    89 01011001   139 10001011
40 00101000    90 01011010   140 10001100
41 00101001    91 01011011   141 10001101
42 00101010    92 01011100   142 10001110
43 00101011    93 01011101   143 10001111
44 00101100    94 01011110   144 10010000
45 00101101    95 01011111   145 10010001
46 00101110    96 01100000   146 10010010
47 00101111    97 01100001   147 10010011
48 00110000    98 01100010   148 10010100
49 00110001    99 01100011   149 10010101


DECIMAL TO BINARY CONVERSION

150 10010110   200 11001000   250 11111010
151 10010111   201 11001001   251 11111011
152 10011000   202 11001010   252 11111100
153 10011001   203 11001011   253 11111101
154 10011010   204 11001100   254 11111110
155 10011011   205 11001101   255 11111111
156 10011100   206 11001110
157 10011101   207 11001111
158 10011110   208 11010000
159 10011111   209 11010001
160 10100000   210 11010010
161 10100001   211 11010011
162 10100010   212 11010100
163 10100011   213 11010101
164 10100100   214 11010110
165 10100101   215 11010111
166 10100110   216 11011000
167 10100111   217 11011001
168 10101000   218 11011010
169 10101001   219 11011011
170 10101010   220 11011100
171 10101011   221 11011101
172 10101100   222 11011110
173 10101101   223 11011111
174 10101110   224 11100000
175 10101111   225 11100001
176 10110000   226 11100010
177 10110001   227 11100011
178 10110010   228 11100100
179 10110011   229 11100101
180 10110100   230 11100110
181 10110101   231 11100111
182 10110110   232 11101000
183 10110111   233 11101001
184 10111000   234 11101010
185 10111001   235 11101011
186 10111010   236 11101100
187 10111011   237 11101101
188 10111100   238 11101110
189 10111101   239 11101111
190 10111110   240 11110000
191 10111111   241 11110001
192 11000000   242 11110010
193 11000001   243 11110011
194 11000010   244 11110100
195 11000011   245 11110101
196 11000100   246 11110110
197 11000101   247 11110111
198 11000110   248 11111000
199 11000111   249 11111001


H = number of host bits in the network IP address
2^H - 2 = the number of available host addresses

Example: The network 148.43.64.0, with a mask of 255.255.192.0, or /18, has 14 host bits (32-18=14). Based on the chart above, there are 16,382 available host IP addresses in the network.


IP Addressing Subnet Masking

Review Questions


1. An IP address is made up of _____________.

a. 4 octets b. 6 octets c. 8 octets d. 16 octets

2. An IP address is ________________.

a. 8 bits in length b. 16 bits in length c. 24 bits in length d. 32 bits in length

3. Any computer device on the network that is capable of receiving and transmitting is called __________________.

a. status b. network c. host d. decimal

4. The __________ field of the address is used by routers to determine a path to your location.

a. VLSM b. Host c. Network d. CIDR

5. The decimal representation of 11111100 is ________________.

a. 251 b. 252 c. 254 d. 255

6. The decimal representation of 10101010 is _________________.

a. 150 b. 160 c. 170 d. 180

7. The decimal representation of 11111111 is _________________.

a. 0 b. 255 c. 128 d. 512

8. The decimal representation of 10010100.00101011.11001000.00001111 is _______________.

a. 148.43.200.300 b. 148.43.201.15 c. 147.43.200.15 d. 148.43.200.15


9. The binary equivalent of 192 is _______________.

a. 11000000 b. 10000000 c. 10100000 d. 11100000

10. The binary equivalent of 63 is _______________.

a. 00111111 b. 11000000 c. 00011111 d. 11100000

11. Which of the following is not a classful subnet mask? _________________.

a. 255.255.0.255 b. 255.0.0.0 c. 255.255.255.0 d. 255.255.0.0

12. Which of the following is the subnet mask for a Class A network? _________.

a. 255.255.255.255 b. 255.255.255.0 c. 255.255.0.0 d. 255.0.0.0

13. What is the classful subnet mask for 148.43.200.6?

a. 255.255.255.255 b. 255.255.255.0 c. 255.255.0.0 d. 255.0.0.0

14. What is the classful subnet mask for 126.16.10.200?

a. 255.255.255.255 b. 255.255.255.0 c. 255.255.0.0 d. 255.0.0.0

15. What is the classful subnet mask for 202.202.202.202?

a. 255.255.255.255 b. 255.255.255.0 c. 255.255.0.0 d. 255.0.0.0

16. If the first octet is 00111111, what is the classful subnet mask?

a. Class A b. Class B c. Class C d. Class D e. None of the above


17. If the first octet is 01111111, what is the classful subnet mask?

a. Class A b. Class B c. Class C d. Class D e. None of the above

18. If the first octet is 11010001, what is the classful subnet mask?

a. Class A b. Class B c. Class C d. Class D e. None of the above

19. The 32-bit IP address scheme allows for __________available addresses.

a. 4,129 b. 4,294,967 c. 4,294,967,296 d. 4,294,967,296,148

20. In 1985, RFC _____ defined a standard procedure to support the division of single Class A, B, and C network numbers into smaller pieces.

a. 920 b. 930 c. 940 d. 950

21. With an IP address of 10.10.10.1 and a mask of 255.255.255.0, what is the network and broadcast address?

a. network 10.10.0.0 – broadcast 10.10.255.255 b. network 10.10.10.0 – broadcast 10.10.10.255 c. network 10.10.10.0 – broadcast 10.10.10.3 d. network 10.10.10.0 – broadcast 10.10.10.252

22. With an IP address of 148.43.200.128 and a mask of 255.255.255.252, what is my network and broadcast address?

a. network 148.43.200.0 – broadcast 148.43.200.255 b. network 148.43.200.0 – broadcast 148.43.200.127 c. network 148.43.200.128 – broadcast 148.43.200.255 d. network 148.43.200.128 – broadcast 148.43.200.131

23. With an IP address of 205.15.67.255 and a mask of 255.255.255.240, what is my network address?

a. 205.15.67.176 b. 205.15.67.160 c. 205.15.67.240 d. 205.15.67.248


24. With an IP address of 195.211.17.5, my subnet mask is _________________ in a classless network.

a. 255.255.255.0 b. 255.255.0.0 c. 255.255.255.252 d. cannot determine the subnet mask

25. You have a requirement for 6 hosts on one Ethernet and 4 hosts on another Ethernet. Which mask could you use with 148.43.200.0 that would provide for both requirements?

a. 255.255.255.254 b. 255.255.255.252 c. 255.255.255.248 d. 255.255.255.255

26. If you have an Ethernet connection with 52 hosts and you expect to add an additional 40 hosts later in the year, what subnet mask would you apply to 148.43.200.0 to provide for the expected growth?

a. 255.255.255.240 b. 255.255.255.224 c. 255.255.255.192 d. 255.255.255.128

27. What is the subnet mask for 116.201.25.10 /25?

a. 255.255.255.0 b. 255.255.255.128 c. 255.255.255.192 d. 255.255.255.224

28. What is the subnet mask for 148.43.200.0 /32?

a. 255.255.255.255 b. 255.255.255.0 c. 255.255.0.0 d. 255.0.0.0

29. What is the subnet mask for 148.43.200.0 /30?

a. 255.255.252.255 b. 255.252.255.255 c. 255.255.255.252 d. 252.255.255.255

For Questions 30 - 32: You have 162 hosts on one hub connection. 100 hosts are from the Finance Department and 62 from Engineering. The network has become extremely congested. 1) You want to separate Engineering from Finance by placing them onto their own networks. 2) You want to provide sufficient addressing for growth in both departments. Each is expected to hire twenty more employees in the next year.


30. Solution: You install separate hubs for each department with a line connecting the two hubs.

a. provides solution for both tasks b. provides solution for task 1 but not task 2 c. provides solution for task 2 but not task 1 d. doesn’t provide the required end results

31. Solution: You install a router on one Ethernet. You program the IP as 148.43.200 /24 for Finance and 148.42.201 /26 for Engineering.

a. provides solution for both tasks b. provides solution for task 1 but not task 2 c. provides solution for task 2 but not task 1 d. doesn’t provide the required end results

32. Solution: You install a bridge with Engineering on one port and Finance on another. You ensure all computers are running NetBEUI and each is under its own network name.

a. provides solution for both tasks b. provides solution for task 1 but not task 2 c. provides solution for task 2 but not task 1 d. doesn’t provide the required end results

33. If you allocated eight bits for subnetting to a class B address, how many subnets would be possible?

a. 252 b. 254 c. 256 d. 258

34. What is the significance of the address 148.43.255.255 255.255.0.0?

a. a host number b. a local broadcast c. a directed broadcast d. an illegal address

35. What is the significance of the address 255.255.255.255

a. a host number b. a local broadcast c. a directed broadcast d. an illegal address

36. Given a subnet address of 10.64.0.0 and a subnet mask of 255.224.0.0, what is the highest allowed host address on this subnet?

a. 10.95.255.255 b. 10.95.255.254 c. 10.95.254.0 d. 10.64.255.254


37. Given a subnet address of 148.43.200.0 and a subnet mask of 255.255.254.0, what is the broadcast address?

a. 148.43.200.255 b. 148.43.201.255 c. 148.43.202.255 d. 148.43.203.255

38. Given a subnet address of 148.43.200.0 and a subnet mask of 255.255.254.0, how many hosts can there be?

a. 254 b. 256 c. 510 d. 512

39. For an IP address of 153.3.34.35 and a netmask of 255.255.255.224, what is my usable host range?

a. from 153.3.34.35 to 153.3.34.64 b. from 153.3.34.35 to 153.3.34.65 c. from 153.3.34.33 to 153.3.34.62 d. from 153.3.34.33 to 153.3.34.63

40. Subnetting is used to ____________________?

a. make programming HUBs easier b. make the address 64 bits c. to divide a network into smaller subnetworks d. to take smaller networks and make them larger

41. How many host addresses are possible for a class A network with 16 subnet bits?

a. 64,000 b. 2,000,000 c. 64 d. 254

42. Which of the following classes is used for multicasting?

a. Class A b. Class B c. Class C d. Class D

43. I have a requirement for 4 networks each with 20 hosts. What would the mask be?

a. /24 b. /25 c. /26 d. /27

44. The network 148.43.0.0 can support how many hosts if not subnetted?

a. 254 b. 1024 c. 65,534 d. 16,777,206


45. You have a requirement for 16 hosts on Ethernet 0 and 10 hosts on Ethernet 1 and 72 hosts on Ethernet 2. Your block address range is 131.16.72.128 /25.

a. you can provide for all requirements b. you can provide for 2 of the 3 requirements c. you can provide for 1 of the 3 requirements d. you can provide for none of the requirements

46. You have a requirement for connecting two routers to each other with a serial link and each router has a requirement for 122 hosts. What is the minimum addressing range you can assign to meet the requirement?

a. 148.43.200.0 /22 b. 148.43.200.0 /23 c. 148.43.200.0 /24 d. 148.43.200.0 /25

47. You will not find VLSM on __________________.

a. routers b. switches c. hubs d. none of the above

48. In 1987 RFC ______ specified how a subnetted network could use more than one subnet mask.

a. 950 b. 960 c. 1008 d. 1009

49. CIDR and supernetting are ______________________?

a. the same thing b. for IPv4 and IPv6 c. the complete opposite d. classful addressing schemes


Introduction to Router Operations

Hardware and Programming


Router Front Panel

Cisco 2811

[Figure: front and rear panel views of the Cisco 2811 (Cisco 2800 Series). Labelled items: FastEthernet ports FE 0/0 and FE 0/1, each with the LEDs A, S, F and L; network module slot (NME 0, slots 0 to 3) shown fitted with an EtherSwitch module of 16 FastEthernet ports (0x to 15x) and a 10/100/1000BASE-TX GE port; WIC/VIC slots with Serial 0 and Serial 1 connectors (WIC-2T) and FXS/FXO voice ports; PVDM1/PVDM2 and AIM0/AIM1 internal slots; external Compact Flash card slot ("DO NOT REMOVE DURING NETWORK OPERATION"); Console, AUX and USB ports; SYS PWR, AUX/PWR, SYS ACT and CF indicators; 100-240 V ~ 2 A 50/60 Hz power input and optional RPS input (12 V, 11 A); Redundant Power System connection.]

FastEthernet port LED legend: A = ACT, S = SPEED, F = FDX, L = LINK

Sys Pwr LED: Solid green if operating normally. Blinks while booting or in ROM monitor. Amber if there is a system error. Off if no power is applied or the system board is faulty.

Aux/Pwr LED: Off means no IP phone power or RPS installed (the Redundant Power System connection is covered if not used). On (green) means IP phone power is operating normally (if installed) and the Cisco RPS is operating normally (if installed). On (amber) means an IP phone power fault or RPS fault.

Activity: Blinking when any packets are transmitted or received on any WAN or LAN.

CF: Green indicates compact flash memory is being accessed; do not eject the card. Off indicates no card access; the card may be ejected.

USB: Universal Serial Bus ports.

Console: RJ-45 serial connection used to access the router for configuration and monitoring with a local PC.


Auxiliary: RJ-45 serial connection used to access the router via a dial-up modem.

Fast Ethernet: FastEthernet connections. Number and type depend on the router model.

WIC: WAN Interface Card slot. WIC modules come in a variety of different interfaces.

VIC: Voice Interface Card. Used for VoIP/PSTN/PBX connectivity. The slot may also be used for WICs.

Network Module: Slot for a network module. Network modules come in several different varieties, which contain/support a variety of network interfaces. Often referred to as an NME (Network Module Enhanced).


2811 Internal Components

[Figure: 2811 main board showing the Packet Voice DSP Module (PVDM) slot, primary memory (SDRAM DIMMs), Advanced Integration Module slots, boot ROM and CPU.]

The Cisco 2811 router contains two 100-pin dual in-line memory module (DIMM) sockets (or banks) for DRAM. The sockets hold ECC DDR (error-correcting code, double data rate) SDRAM DIMMs. You can use the memory-size iomem software command to configure DRAM as a mixture of shared memory, which is used for data transmitted or received by network modules and WAN interface cards, and primary or main memory, which is reserved for the CPU. For further information about this command, refer to the Cisco IOS Release 12.3 configuration guides and command references, at this URL: http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/prod_configuration_guide09186a008017d581.html

The 2811 router uses an internal 2MB flash memory for Boot / NVRAM. This stores the bootstrap program (ROM monitor), the configuration register, and the startup configuration. The Cisco IOS software image is stored in the external compact flash memory. The total amount of flash depends on the model of the router; the 2811 has 64MB (default), or optionally 128MB or 256MB.

AIM: ADVANCED INTEGRATION MODULE

The integration of field-installable AIMs enhances the performance of the Cisco 2800 Series by off-loading processor-intensive functions onto a dedicated coprocessor. This preserves the Network Module slot for other applications. A variety of AIMs are currently supported on all Cisco routers used within the WIN-T network, providing high performance hardware-assisted data compression, data encryption, ATM, and Digital Signal Processor (DSP) functionality for up to 30 digital voice channels.


JNN Router Hardware Overview

Feature | 2811 Router | 3825 Router | 3845 Router

This chart shows the hardware supported by the different models of WIN-T and legacy JNN routers: network interfaces (NM/WIC/LAN), memory (SDRAM), and flash. For the SDRAM and Flash, two numbers are listed. The first is the base amount of SDRAM and Flash installed when the router is purchased. The second is the maximum amount that the router will support.

NM: NETWORK MODULE OPTIONS

NMs enable the Cisco router to be customized to meet the needs of virtually any customer. These modules support a broad range of applications, including multi-service voice/data integration, analog and ISDN dial access, ATM access, integration of low-density switching, intrusion detection systems, content networking, and serial device concentration. By offering NMs such as the EtherSwitch, Content Engine, and Intrusion Detection Network Modules, more services are integrated onto a single platform. These modules provide the advantage of integrating switching, content networking, or intrusion detection with routing onto one platform for greater management and ease of operation.

WIC: WAN INTERFACE CARD

Each WIC card can hold a single DB60 Serial (WIC-1T), two new Smart Serial (WIC-2T) ports or two RJ-48 T1 ports for WAN connectivity. Ethernet slots may feature 100BaseT Fast Ethernet or 1000BaseT Gigabit Ethernet ports.

PVDM: PACKET VOICE DATA MODULE

PVDMs are Packet Voice Data Modules for VoIP/PSTN/PBX digital signal processor functionality.


Router Initialization Process

[Figure: block diagram of the boot sequence. ROM (Bootstrap, POST, ROM Monitor): at start-up, ROM first performs the hardware check. FLASH (IOS storage): after POST, Flash loads the IOS start-up routines to RAM or runs them directly from Flash. NVRAM (configuration register, startup config): NVRAM loads the saved user settings and controls the boot sequence. RAM (main and shared; running config and IOS; interfaces): runs the IOS and current config and provides the buffer for the external interfaces. The CPU interacts with all of the memory modules.]

ROM: Read Only Memory contains the micro-code for basic functions to start and maintain the router. Major areas contained in ROM include:

1) Bootstrap code: used to bring the router up during initialization. It reads the configuration register to determine how to boot and then, if instructed to do so, loads the IOS (Internetwork Operating System).
2) POST: the Power On Self Test is the micro-code used to test the basic functionality of the router hardware and to determine what components are present.
3) ROM Monitor: a low-level operating system normally used for testing and troubleshooting problems occurring during the boot process.

RAM: Random access memory contains the software and data structures that allow the router to function. The principal software running in RAM is the IOS and the running configuration. The IOS and start-up configuration are loaded into RAM during the boot process. RAM also provides the buffering function for the router’s external interfaces.

NVRAM: Non-volatile RAM is mainly used to store the configuration. It uses a battery to maintain the data when power is removed from the router. The NVRAM also contains the configuration register, a 16-bit virtual register that determines the router boot sequence. By varying the register settings, the boot sequence on the router can be changed.

External Flash: The external flash memory is primarily used to store the IOS software image.


Virtual Configuration Register

Bit numbers:   15 14 13 12 | 11 10  9  8 |  7  6  5  4 |  3  2  1  0
Bit values:     8  4  2  1 |  8  4  2  1 |  8  4  2  1 |  8  4  2  1
                                             (bit six)    (boot field)

Normal boot sequence (0x2102):                2 |  1 |  0 |  2
Ignore NVRAM, password recovery (0x2142):     2 |  1 |  4 |  2

The configuration register in the Cisco router is a 16-bit virtual configuration register. It determines the boot sequence for the Bootstrap software in the ROM. The Bootstrap software is similar to the BIOS in a PC. Most PCs, when they initially boot, have the option to enter a “setup” mode for the BIOS. Normally it is done by pressing F1, F2, F12, etc. The PC then enters a dialog program that allows the user to manipulate such things as which drive the operating system is loaded from. Changing the settings of the configuration register has the same effect on the Cisco router. The routers also have a dialog program in the ROM Monitor mode. It can be entered by using the command confreg. The configuration register is divided into four areas with each area containing four bits. Each bit is assigned a value, with the total value of the area being 15. By “turning a bit on”, you enable a certain function to be performed during the boot process. The value of the bit is then added to the area. If multiple bits are enabled, then the values are added together. The value of each area is then displayed in hexadecimal, 0 - F. The value of 0x2102 is the setting for a “normal” boot process. This tells the router to boot the first image in Flash memory, the break command is disabled, and if a network boot fails go to the ROM Monitor mode. By default, the router will look in NVRAM for a start-up configuration to load unless told otherwise. The value of 0x2142 is used for password recovery. It tells the router to do the same thing, but bit 6 is enabled (which gives the second area a value of 4). This tells the router to ignore NVRAM, which prevents it from loading the start-up configuration.


Bit Meanings

Bit Number    Hex Value               Meaning
15            0x8000                  Enables diagnostics messages & ignores NVRAM
14            0x4000                  Sets IP broadcast network field to zeros
13            0x2000                  Boot default ROM OS if network boot fails
5, 11, & 12   0x0020, 0800, 1000      Console line speed (all zeros for 9600)
10            0x0400                  Sets IP broadcast host field to all zeros
9             0x0200                  Secondary bootstrap (not typically enabled)
8             0x0100                  Break disabled after 60 seconds of boot
7             0x0080                  OEM bit enabled
6             0x0040                  Ignore NVRAM during boot
1, 2, & 3     0x0002 – 0x000F         Enables boot system command in NVRAM
0             0x0001                  Boots first image in flash
None          0x0000                  Boots to ROM Monitor Mode


Router Initialization

[Flowchart: the router boot decision sequence, with the register values that select each path. Start -> Boot field = 0? (yes: ROM Monitor Mode) -> Boot field = 1? -> Check start-up config -> Boot System Commands? (yes: Follow Commands) -> Valid IOS in Flash? (yes: Use IOS from Flash) -> Attempt to get IOS from network -> Success? (yes: Use file from network) -> 6 failures? -> Config Reg bit 13 = 1? -> Load IOS -> Config Reg bit 6 = 1? -> Valid Config file? (no: Setup Mode) -> Normal boot complete. Register values shown along the paths: 0x2102, 0x2100, 0x2101, 0x2142. Output fragments shown on the chart: “boot-start-marker / boot-end-marker”, “System flash directory: File Length Name/status 1 31865772 c2800nm-adventerprisek9-mz.123-14.T7.bin”, and “Destination filename [startup-config]?”.]

The startup routines for Cisco IOS software have the goal of starting router operations. Cisco routers are designed to deliver reliable service for the connecting user networks. To succeed, the startup routines must:

• Make sure that the router comes up with tested hardware.

• Find and load the Cisco IOS software that the router uses for its operating system.

• Find and apply the configuration statements about router-specific attributes, protocol functions, and interface addresses.

The router makes sure that it comes up with tested hardware. When a Cisco router powers up, it performs a power-on self-test (POST). During this self-test, the router executes diagnostics from ROM on all modules. These diagnostics verify the basic operation of the CPU, memory, and interface circuitry. After verifying the hardware functions, the router proceeds with software initialization. Some startup routines act as fallback operations that are able to perform the router startup should other routines be unable to do so. This flexibility allows Cisco IOS software to start up in a variety of initial situations.


When the router starts up, it searches its configuration register to determine where to find the Cisco IOS software. If your router does not find a valid system image, or you interrupt the boot sequence, the system enters ROM monitor mode. From ROM monitor mode, you can also boot the device or perform diagnostic tests. You can configure the router to automatically initiate ROM monitor mode every time the router starts up. You can also configure the router to boot the Cisco IOS image file from ROM or to look in NVRAM for user-defined instructions on where to locate the image file. We will discuss these load options in greater detail in the “Managing Your Configuration Environment” chapter. Once the Cisco IOS software has been loaded, the router attempts to load the configuration file, if one exists. This file contains all the configuration information you specified for this particular router. If no configuration file exists, the router reverts to setup mode. Setup mode is an interactive dialog that allows you to create a basic configuration for the router. If the router is configured to load the software from a TFTP server and the server cannot be found, the router uses the configuration file existing in NVRAM. If the TFTP server is available, the router loads the alternate configuration file stored on the TFTP server. Once the router has completed the initialization process, the router begins operations. At this point, you can build new configuration parameters or alter existing ones. In either case, you access the router through the user interface commands.


Network Interfaces

[Figure: rear panel of a Cisco 2811. Built-in FastEthernet ports FE 0/0 and FE 0/1 with LEDs A = ACT, S = SPEED, F = FDX, L = LINK; network module slots NMS 0 through NMS 3 (Slot 0 through Slot 3); WIC-2T and VIC (FXS, FXO) cards in the card slots; PVDM 1, PVDM 2, AIM 0 and AIM 1; an NM-ESW-161 EtherSwitch network module with FastEthernet ports 0 through 15 and a 10/100/1000BASE TX GE port. Three interface names are called out with their fields: f0/1 (NMS = 0, Port = 1), s0/2/1 (NMS = 0, Slot = 2, Port = 1) and f1/8 (NMS = 1, Port = 8).]

In this case, the ports don’t exist on a card in a “Card-Slot”, or even in a NM. They are built straight into the chassis rear panel, therefore there is no “slot” number.

On Cisco hardware, components are numbered from right to left, then from bottom to top.

In this case, the ports exist on a “Network-Module” (NM) plugged into a “Network-Module-Slot” (NMS). There is no “Card-Slot” present, therefore there is no “slot” number.

The first numerical value represents the “interface-type”. If the value is 1, there is a “Network-Module-Slot (NMS)” present. If the value is 0, there is no NMS present and the physical interface is plugged directly into the chassis rear panel.

Cisco routers are considered modular in that not all network interfaces are fixed, or built directly into the chassis. The interfaces can be removed and installed depending on the network connectivity required. When facing the rear of the router, the slots count from right to left as shown above. When a network module has more than one type of the same interface, the interfaces are numbered with the slot first then the interface number again counting from right to left. The 2800 series router as shown above may have interfaces 1) built directly into the chassis, 2) interfaces plugged into a card slot on a network module, or 3) interfaces built directly into a network module. Interfaces built directly into the chassis front panel are numbered simply as ‘interface type – port number’. Interface USB1 would be an example. Interfaces built directly into the chassis rear panel are numbered ‘interface type 0/port number’. The ‘0’ comes from being in network module slot 0 of the rear panel. Interface f0/1 is an example. Interfaces plugged into a network module card slot are numbered Interface-type network-module-number / interface-card-slot / port-number. Interface S0/2/1 is an example. Interfaces built directly into an installed network module are numbered Interface-type network-module-number / port. Interface f1/8 is the example shown above.


Serial Connections

• Used for point to point communications

• Can operate as DTE or DCE

• Operates at multiple clock rates

• Can interface to multiple standards: RS-449, RS-530, RS-232, V.35, etc.

• Available serial ports include the WIC-2T and the older and larger (one per card slot) HD60.


WIC-2T 2 Port Serial WAN Interface Card

Serial Network Module

The WIC-2T provides two serial ports using the Smart Serial connector.

• Asynchronous support with a maximum speed (per port) of 115.2 Kbps, minimum 600 bps. If you need to run at speeds lower than 600 bps, use the AUX port instead.

• Synchronous support with a maximum speed of 8 Mbps per port.

o Supports one port at 8 Mbps when used in NM-1FE1R2W, NM-1FE2W, NM-2FE2W, or NM-2W, or Cisco router chassis WIC slots. All other WIC ports on that network module or Cisco router chassis must not be used.

o Supports two ports at 4 Mbps each when used in NM-1FE1R2W, NM-1FE2W, NM-2FE2W, or NM-2W, or Cisco router chassis WIC slots. All other WIC ports on that network module or Cisco router chassis must not be used.

o Supports 8 Mbps on all ports simultaneously on 2691, 3725, and 3745. No restrictions. Maximum six ports at 8 Mbps each.


DCE vs DTE

A DTE converts information into data signals for transmission, or reconverts the received data signals into user information. A DTE could be a host computer, front-end processor (FEP), terminal, printer, controller, etc. It is a piece of equipment that, as the name implies, terminates the data for a higher level of processing. A DCE is required to establish, maintain, and terminate a connection. A DCE also performs the signal conversion required for communications between the DTE and the communication line. Typically, the DCE supplies the clock; however, there are cases when this is not possible or desirable. Certain data arrangements require that clocking for the transmitted data be supplied by the DTE. This would require the DCE to phase-lock to an external clock source. This source would be provided from the DTE or another modem. A DCE could be a modem, Channel Service Unit/Data Service Unit (CSU/DSU), Packet Assembler/Disassembler (PAD), uncombined multiplexer port, etc.


Control Leads

[Figure: the control lead signals RTS, CTS, DTR, DSR and DCD between a DTE and a DCE. Originally used to control data flow on asynchronous circuits.]

Request to Send – Abbreviated RTS. A hardware signal defined by the RS-232-C standard to request permission to transmit.

Clear to Send – Abbreviated CTS. A hardware signal defined by the RS-232-C standard that indicates that the transmission can proceed.

Data Terminal Ready – Abbreviated DTR. A hardware signal defined by the RS-232-C standard sent from a computer to a modem to indicate that the computer is ready to receive a transmission.

Data Set Ready – Abbreviated DSR. A hardware signal defined by the RS-232-C standard to indicate that the device is ready to operate.

Data Carrier Detect – Abbreviated DCD. A hardware signal defined by the RS-232-C standard that indicates that the device, usually a modem, is online and ready for transmission.

Control leads are the hardware connection between a DCE and DTE. Once used to control data flow between devices, these signals now indicate to Cisco routers that an interface is 'up' at the physical layer.


Ethernet Connections (1)

• Normally used for host connections

• Can be used for router connection; point-to-point or broadcast multiaccess

• Normally AUI, 10/100BaseT, or 10Base2

• AUI (Auxiliary Unit Interface): Connection for Transceiver

• 10/100BaseT: RJ45 – crossover for ethernet to ethernet connection; straight through for ethernet to hub connection

• 10Base2: Coax/RG-58

[Figure: built-in Fast Ethernet ports with LEDs numbered 1, 2, 3.]

Fast Ethernet LEDs

1. 100Mbps – lit when i/f speed is 100 Mbps

2. Link – indicates connectivity established with connected device

3. FDX – indicates full duplex mode

Other LEDs associated w/ fast ethernet (not on every model)

1. Col – Indicator of collision activity on the network

2. EN – on installable modules; indicates module passed hardware test and is ready for use.

Note: I/Fs above are built in to router chassis. Ethernet / fast ethernet i/fs may also be installed as separately purchased modules.

Ethernet Connections (2)


Console / Aux Connections

• Both used to access router for programming and monitoring

• Console for local PC

• Auxiliary for dial-up modem

• Router logging defaults to console

• Same type of connection, RJ-45/serial; rollover cable used

Types of RJ-45 Ethernet Cables

Rollover Pin Outs (console/aux)
1 - 8, 2 - 7, 3 - 6, 4 - 5, 5 - 4, 6 - 3, 7 - 2, 8 - 1

Crossover Pin Outs (Ethernet to Ethernet), 10/100baseT
1 - 3, 2 - 6, 3 - 1, 6 - 2

Straight Thru Pin Outs (Ethernet to hub), 10/100baseT
1 - 1, 2 - 2, 3 - 3, 6 - 6

Gigabit Crossover Pin Outs (Ethernet to Ethernet), 10/100/1000baseT
1 - 3, 2 - 6, 3 - 1, 4 - 7, 5 - 8, 6 - 2, 7 - 4, 8 - 5

Gigabit Straight Thru Pin Outs (Ethernet to hub), 10/100/1000baseT
1 - 1, 2 - 2, 3 - 3, 4 - 4, 5 - 5, 6 - 6, 7 - 7, 8 - 8


Accessing the Router

• Configuration information can come from many sources

[Figure: access paths to the router. Local Access: Console Port, Auxiliary Port. Remote Access (via the Serial/Ether Interfaces): Virtual Terminals (VTY 0 15), TFTP Server, Network Management Station.]

There are several ways to access a router for configuration and displaying various functions.

• Console Port – Local PC.

• Auxiliary Port – Dial-up Modem.

• Virtual Terminals (VTY 0 4) – Telnet. Used to access the router via the network.

• TFTP Server – Trivial File Transfer Protocol. Used to download a configuration via the network.

• Network Management Station – Computer running some type of Network Management Software such as HP Openview, Cisco Works, or What’s Up Gold.

Note: To utilize Virtual Terminals, TFTP Server, and Network Management, the router must be configured to support IP traffic.


Router Modes

Command Mode           Access Method                                      Prompt              Exit Method
User Exec              log in                                             router>             logout command
Privileged Exec        enable command                                     router#             disable command
Global Configuration   configure terminal command                         router(config)#     exit command or Ctrl Z
ROM Monitor            Press break key during first 60 seconds of boot    >                   reset command
Setup                  Option provided during boot (yes/no) if no config found   Consists of a series of questions   When complete, enters user exec mode

The Cisco IOS user interface provides access to several different command modes. Each command mode provides a group of related commands that allow you to configure or monitor your router. Entering a question mark (?) at the system prompt allows you to obtain a list of commands available for each command mode.

• User EXEC mode - After you log in to the router, you are automatically in user EXEC command mode. In general, the user EXEC mode contains nondestructive commands that allow you to connect to remote devices, change terminal settings on a temporary basis, perform basic tests, and list system information. User EXEC mode is indicated by the device host name followed by the angle bracket (>).

• Privileged EXEC mode - The privileged EXEC mode commands set operating parameters. The privileged commands include those commands contained in user EXEC mode, as well as the configure command through which you can access the remaining command modes. Privileged EXEC mode also includes high-level testing commands, such as debug. To enter privileged EXEC mode, enter enable at the user EXEC prompt. The privileged EXEC mode prompt consists of the device host name followed by the pound sign (#).


From the privileged level, you can access a number of specific configuration modes:

• ROM monitor mode - A command-line interface (CLI) that allows you to configure your router. ROM monitor mode occurs if your router does not find a valid system image, or if you interrupt the boot sequence during startup. The ROM Monitor prompt is the angle bracket (>). On the Cisco 1003, 4500, 7200, and 7500 series, rommon> is the default ROM monitor prompt. The continue command takes you from ROM monitor to user EXEC mode.

• Setup mode - This mode is an interactive prompted dialog at the console that helps the new user create a first-time basic configuration. You can also enter setup mode by entering setup at the privileged EXEC prompt. Setup mode consists of a series of questions and does not exhibit a defining prompt of its own.

• RXBoot Mode - This mode is a special mode you enter by altering the settings of the configuration register and rebooting the router. RXBoot mode provides the router with a subset of the Cisco IOS software and helps the router boot when it cannot find a valid Cisco IOS image in Flash memory. The RXBoot mode prompt is the host name followed by <boot>.

• Global configuration mode - Global configuration commands apply to features that affect the system as a whole. You initiate global configuration mode by entering the configure command at the privileged EXEC mode prompt. Global configuration mode is indicated by the device host name (config) followed by the pound sign (#). To exit to Privileged EXEC mode, enter exit, end, or press Ctrl-Z at the prompt.

From global configuration mode, you can access a number of other command modes.

• Other configuration modes - These modes provide more specific multiple-line configurations that target individual interfaces or functionality, such as modifying the operation of an interface, configuring multiple virtual interfaces (called subinterfaces) on a single physical interface, or setting an IP routing protocol. There are more than 17 different specific configuration modes. To learn more about these different modes, refer to "Understanding the User Interface" on your Cisco Documentation CD-ROM.


Password Recovery

1. Turn on the router.

2. Within 60 seconds, perform a “control break” from the PC keyboard.

3. Router prompt should read “rommon>”. This indicates the router is in the ROM Monitor mode.

4. Enter the command “confreg 0x2142”. This resets the configuration register to bypass NVRAM during the boot and not load the startup configuration file.

5. Enter the command “reset”. This will reboot the router.

6. After the router boots, DO NOT enter the setup mode and terminate auto install.

7. Enter the enable mode. NOTE: perform either step 8 or 9, not both.

8. If the startup configuration is not needed, perform an “erase start” command.

9. If the startup configuration is needed, perform a “copy start run” command. Change the passwords. Perform a “copy run start” command.

10. Enter the global configuration mode. Enter the command “config-reg 0x2102”. This resets the configuration register so the router will perform a normal boot and load the edited startup configuration.

11. From the enable prompt, perform a “show version” command. Verify configuration settings are correct.

12. Reboot the router.
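As an added example that is not part of the course material, the following Python decodes a configuration register value using the Bit Meanings table above and reports what an administrator should check in step 11 of the password recovery procedure: a router left at 0x2142 is still ignoring its startup configuration. The show version excerpt it parses is constructed, not a capture.

```python
import re

# Single-bit meanings, taken from the Bit Meanings table in the course.
BIT_MEANINGS = {
    15: "Enables diagnostics messages & ignores NVRAM",
    14: "Sets IP broadcast network field to zeros",
    13: "Boot default ROM OS if network boot fails",
    10: "Sets IP broadcast host field to all zeros",
    9: "Secondary bootstrap (not typically enabled)",
    8: "Break disabled after 60 seconds of boot",
    7: "OEM bit enabled",
    6: "Ignore NVRAM during boot",
}
CONSOLE_SPEED_BITS = (5, 11, 12)  # all zeros means 9600 baud
NORMAL_REGISTER = 0x2102          # the "normal" boot setting named in the text


def boot_field_meaning(boot_field):
    """Interpret bits 0-3 (the boot field) as the table describes."""
    if boot_field == 0x0:
        return "Boots to ROM Monitor Mode"
    if boot_field == 0x1:
        return "Boots first image in flash"
    return "Enables boot system command in NVRAM"


def decode_confreg(value):
    """Describe a 16-bit configuration register value as a dict."""
    if not 0 <= value <= 0xFFFF:
        raise ValueError("configuration register is a 16-bit value")
    boot_field = value & 0xF
    set_bits = [bit for bit in range(4, 16) if value & (1 << bit)]
    return {
        "value": f"0x{value:04X}",
        "boot_field": boot_field,
        "boot": boot_field_meaning(boot_field),
        "ignore_nvram": bool(value & 0x0040),    # bit 6
        "break_disabled": bool(value & 0x0100),  # bit 8
        "console_9600": not any(value & (1 << b) for b in CONSOLE_SPEED_BITS),
        "set_bits": {bit: BIT_MEANINGS.get(bit, "console line speed bit")
                     for bit in set_bits},
    }


def audit_confreg(value):
    """List the ways the register differs from a normal 0x2102 boot."""
    info = decode_confreg(value)
    findings = []
    if info["ignore_nvram"]:
        findings.append("bit 6 set: startup config in NVRAM is ignored "
                        "(the password recovery setting is still in place)")
    if not info["break_disabled"]:
        findings.append("bit 8 clear: break is not disabled during boot")
    if info["boot_field"] == 0:
        findings.append("boot field 0: router stops in ROM Monitor mode")
    if value != NORMAL_REGISTER and not findings:
        findings.append(f"register {info['value']} differs from 0x2102")
    return findings


def confreg_from_show_version(output):
    """Pull the register value out of 'show version' output (step 11)."""
    match = re.search(r"Configuration register is 0x([0-9A-Fa-f]{1,4})", output)
    if match is None:
        raise ValueError("no configuration register line found")
    return int(match.group(1), 16)


# Constructed excerpt in the format 'show version' prints, not a real capture.
SAMPLE_SHOW_VERSION = """\
router2 uptime is 3 minutes
System image file is "flash:c2600-ipvoice-mz.123-6b.bin"
Configuration register is 0x2142
"""

if __name__ == "__main__":
    for reg in (0x2102, 0x2142, 0x2100, 0x2101):
        print(f"0x{reg:04X}:", decode_confreg(reg)["boot"], audit_confreg(reg))
    print(audit_confreg(confreg_from_show_version(SAMPLE_SHOW_VERSION)))
```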



Basic Commands

• Show Version

• Show Flash

• Show Run

• Copy Run Start / Run TFTP

• Erase start / NVRAM

• Show Interface

• Show IP Interface Brief

• Show CDP Neighbor

• Show CDP Neighbor Detail

• Show Controllers

• Clear Counters / IP Route



Show Version

router2#show version
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-IPVOICE-M), Version 12.3(6b), RELEASE SOFTWARE (fc1)   (IOS Version #)
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Wed 19-May-04 23:04 by dchih
Image text-base: 0x80008098, data-base: 0x817A2EB4

ROM: System Bootstrap, Version 12.2(8r) [cmong 8r], RELEASE SOFTWARE (fc1)   (ROM Bootstrap Version #)

router2 uptime is 3 minutes   (amount of time router IOS loaded in RAM)
System returned to ROM by reload   (method used to reboot router: reload or power on)
System image file is "flash:c2600-ipvoice-mz.123-6b.bin"   (file name for IOS)

cisco 2620XM (MPC860P) processor (revision 0x300) with 126976K/4096K bytes of memory.   (total RAM installed: main/shared)
Processor board ID JAE0815CHT3 (1401975376)
M860 processor: part number 5, mask 2
Bridging software.
X.25 software, Version 3.0.0.
1 FastEthernet/IEEE 802.3 interface(s)   (interfaces identified during POST)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.   (total NVRAM installed)
32768K bytes of processor board System flash (Read/Write)   (total Flash installed)
Configuration register is 0x2102   (configuration register setting value)



Show Flash

router2#show flash
System flash directory:
File  Length    Name/status
  1   16091148  c2600-ipvoice-mz.123-6b.bin   (first file, size of file, & name)
[16091212 bytes used, 16938932 available, 33030144 total]   (total memory used, memory available, total memory)
32768K bytes of processor board System flash (Read/Write)



Show Running-Config (1)

router2#show running-config
Building configuration...

Current configuration : 828 bytes   (size of configuration file)
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname router2   (host name of router)
!
boot-start-marker   (boot commands)
boot-end-marker
!
enable secret 5 $1$gluW$shWysSIBKZcaSsS8b16DO0   (enable secret password)
!
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip cef


no ftp-server write-enable

Note: The Show Run command will always take more than one page to display. If you see “More” at the bottom of a display page, tapping the space bar on the keyboard will scroll down a full screen. Tapping the ‘enter’ key will scroll down line by line.


Show Running-Config (2)

interface FastEthernet0/0   (FastEthernet 0/0 configuration)
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0   (Serial 0/0 configuration)
 ip address 148.43.200.2 255.255.255.252
 clockrate 250000
!
interface Serial0/1
 no ip address
 shutdown
!

Show Running-Config (3)

router ospf 100   (routing protocol configuration)
 log-adjacency-changes
 network 0.0.0.0 255.255.255.255 area 0
!
ip classless
ip http server
!
line con 0   (line console 0 configuration)
 password router
 login
line aux 0
line vty 0 4   (line vty 0 4 configuration)
 password router
 login
!
end
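As an added example that is not part of the course, the following Python parses a running-config like the one listed above into global commands and sections, decodes each interface name with the numbering rules from the Network Interfaces page (type/port, type nms/port, type nms/slot/port), and flags the weak settings visible in this listing: password encryption off, clear-text line passwords, ip http server enabled, and vty lines with no access-class. The sample config is constructed from the router2 listing with a placeholder in place of the enable secret hash and Serial0/2/1 added to exercise three-part names; access-class is a standard IOS line command that this page itself does not show.

```python
import re

# Constructed running-config modelled on the course's router2 listing; the enable
# secret hash is a placeholder and Serial0/2/1 is added to show three-part names.
SAMPLE_RUNNING_CONFIG = """\
no service password-encryption
hostname router2
enable secret 5 <PLACEHOLDER-HASH>
!
interface FastEthernet0/0
 no ip address
 shutdown
!
interface Serial0/0
 ip address 148.43.200.2 255.255.255.252
 clockrate 250000
!
interface Serial0/2/1
 no ip address
 shutdown
!
ip http server
!
line con 0
 password router
 login
line vty 0 4
 password router
 login
"""

IFACE_RE = re.compile(r"^([A-Za-z-]+)(\d+(?:/\d+)*)$")


def parse_config(config):
    """Return (global_lines, blocks): blocks map a section header such as
    'interface Serial0/0' or 'line vty 0 4' to its indented sub-commands."""
    global_lines, blocks = [], {}
    current = None
    for raw in config.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        if raw.startswith(" ") and current is not None:
            blocks[current].append(raw.strip())
        else:
            current = raw.strip()
            global_lines.append(current)
            blocks[current] = []
    return global_lines, blocks


def describe_interface(name):
    """Decode a name with the course's numbering rules: 'type port' (front
    panel), 'type nms/port' (rear panel when nms is 0, otherwise a port built
    into the network module) and 'type nms/slot/port' (a card in a card slot)."""
    match = IFACE_RE.match(name)
    if match is None:
        raise ValueError(f"unrecognised interface name: {name}")
    nums = [int(n) for n in match.group(2).split("/")]
    desc = {"type": match.group(1), "port": nums[-1]}
    if len(nums) == 1:
        desc["location"] = "built into chassis front panel"
    elif len(nums) == 2:
        desc["nms"] = nums[0]
        desc["location"] = ("built into chassis rear panel" if nums[0] == 0
                            else f"built into network module in NMS {nums[0]}")
    elif len(nums) == 3:
        desc["nms"], desc["slot"] = nums[0], nums[1]
        desc["location"] = f"card slot {nums[1]} of network module in NMS {nums[0]}"
    else:
        raise ValueError(f"too many numeric fields in {name}")
    return desc


def interface_inventory(config):
    """Map each configured interface to its decoded location and admin state."""
    _, blocks = parse_config(config)
    inventory = {}
    for header, body in blocks.items():
        if header.startswith("interface "):
            name = header.split(" ", 1)[1]
            inventory[name] = dict(describe_interface(name),
                                   shutdown="shutdown" in body)
    return inventory


def audit_config(config):
    """Flag the weak settings visible in this listing; returns finding strings."""
    global_lines, blocks = parse_config(config)
    findings = []
    if "no service password-encryption" in global_lines:
        findings.append("password encryption disabled: line passwords stored in clear text")
    if "ip http server" in global_lines:
        findings.append("ip http server enabled: management service not needed here")
    if not any(line.startswith("enable secret ") for line in global_lines):
        findings.append("no enable secret configured")
    for header, body in blocks.items():
        if header.startswith("line ") and any(l.startswith("password ") for l in body):
            findings.append(f"{header}: clear-text line password")
        if header.startswith("line vty") and not any(l.startswith("access-class") for l in body):
            findings.append(f"{header}: no access-class limiting Telnet sources")
    return findings


if __name__ == "__main__":
    for name, info in interface_inventory(SAMPLE_RUNNING_CONFIG).items():
        print(name, info["location"], "(shutdown)" if info["shutdown"] else "")
    for finding in audit_config(SAMPLE_RUNNING_CONFIG):
        print("FINDING:", finding)
```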


Copy Commands

router2#copy running-config startup-config   (copy the running config (RAM) to the startup config (NVRAM))
Destination filename [startup-config]?
Building configuration...
[OK]

router2#copy running-config tftp   (copy the running config (RAM) to a tftp server)
Address or name of remote host? 148.43.200.1   (address or name of tftp server)
Destination filename [router2-confg]?   (name used for running config when stored on tftp server, name in brackets is default)
.....
%Error opening tftp://148.43.200.1/router2-confg (Timed out)

Erase Commands

router2#erase startup-config   (erases the startup config from NVRAM)
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
[OK]
Erase of nvram: complete
router2#
*Mar 1 00:06:06.151: %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram

router2#erase nvram   (erases all files in NVRAM)
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
[OK]
Erase of nvram: complete

Show Interface

router2#show interface s0/0
Serial0/0 is up, line protocol is up              (indicates the status of layer 1 & 2 on the interface)
  Hardware is PowerQUICC Serial
  Internet address is 148.43.200.2/30             (IP address and mask assigned to the interface)
  MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,   (values assigned to the interface; used to calculate routing metrics)
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation HDLC, loopback not set            (layer 2 protocol)
  Keepalive set (10 sec)                          (layer 2 keepalive interval)
  Last input 00:00:05, output 00:00:00, output hang never
  Last clearing of "show interface" counters 00:06:26
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: weighted fair
  Output queue: 0/1000/64/0 (size/max total/threshold/drops)
     Conversations  0/2/256 (active/max active/max total)
     Available Bandwidth 1158 kilobits/sec
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     80 packets input, 6472 bytes, 0 no buffer    (counters on the interface which log various values used for troubleshooting and other calculations)
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     79 packets output, 6656 bytes, 0 underruns
     0 output errors, 0 collisions, 5 interface resets
     0 output buffer failures, 0 output buffers swapped out
     4 carrier transitions
     DCD=up  DSR=up  DTR=up  RTS=up  CTS=up       (control lead status)

The show interface command displays useful information about an interface and will normally give good clues to line problems. The display shown above is a sample output from the show interface serial command for a synchronous serial interface. The following are some significant fields that are shown in the display that are useful in a troubleshooting environment:

Serial…is…: Indicates whether the interface hardware is up (carrier detect is present), down (carrier detect is not present), or administratively down if the interface hardware has been taken down by an administrator. (Layer 1)
line protocol is: Indicates whether the software processes that handle the line protocol (encapsulation) consider the line usable or not (up / down), that is, whether keepalives are successful. (Layer 2)
Internet Address: Indicates the IP address and mask of the interface.
MTU: Maximum Transmission Unit of the interface.
BW: Bandwidth of the interface in kilobits per second. The BW value is used to compute metrics only, not the real interface speed. Serial defaults to T1 and Ethernet to 10 Mbps.
DLY: Delay of the interface in microseconds. (EIGRP/IGRP metrics only)
rely: Reliability of the interface as a fraction of 255 (255/255 is 100% reliability), calculated as an exponential average over 5 minutes.
load: Load on the interface as a fraction of 255 (255/255 is completely saturated), calculated as an exponential average over 5 minutes. Based on BW.
Encapsulation: Type of encapsulation used on the serial link. HDLC is the default for Cisco.
keepalive: Indicates whether or not keepalives are set and the time between each.
Last input: Number of hours, minutes, and seconds since the last packet was successfully received by the interface. Useful for knowing when a dead interface failed.
output: Number of hours, minutes, and seconds since the last packet was successfully transmitted by the interface. Useful for knowing when a dead interface failed.
Last clearing: Time at which the shown counters measuring cumulative statistics (such as number of bytes transmitted and received) were last reset to zero. Variables that might affect routing (for example, load and reliability) are not cleared when the counters are cleared. *** indicates the elapsed time is too large to be displayed.
Output queue, Input queue: Number of packets in the output / input queues. Each number is followed by a slash, the maximum queue size, and the number of packets dropped because the queue was full.
packets input: Total number of error-free packets received by the system.
bytes input: Total number of bytes, including data and MAC encapsulation, in the error-free packets received by the system.
no buffers: Number of received packets discarded because there was no buffer space in the main system. Compare with the ignored count. Broadcast storms on Ethernets are often responsible for no input buffer events.
Received…Broadcasts: Total number of broadcast or multicast packets received by the interface. The number of broadcasts should be kept as low as practicable. An approximate threshold is less than 20 percent of the total number of input packets.
runts: Number of runt packets discarded because they are smaller than the medium’s minimum packet size. Any Ethernet packet that is less than 64 bytes is considered a runt. Runts are usually caused by collisions. More than one runt per million bytes received should be investigated.
giants: Number of packets discarded for exceeding the medium’s maximum packet size. Any Ethernet packet that is greater than 1518 bytes is considered a giant.
input errors: Includes runts, giants, no buffer, CRC, frame, overrun, and ignored counts. Other input-related errors can also cause the input errors count to be increased, and some datagrams may have more than one error; therefore, this sum may not balance with the sum of the enumerated input error counts.
CRC: The cyclic redundancy checksum generated by the originating LAN station does not match the checksum calculated from the data received. On a LAN, this usually indicates noise or transmission problems on the LAN interface or the LAN bus itself. A high number of CRCs is usually the result of collisions or a station transmitting bad data. More than one CRC error per million bytes received should be investigated.
frame: Number of packets received incorrectly with a CRC error. On a LAN, this is usually the result of collisions or a malfunctioning Ethernet device.
overrun: Number of times the receiver was unable to hand received data to a hardware buffer because the input rate exceeded the receiver’s ability to handle the data.
ignored: Number of received packets ignored by the interface because the interface hardware ran low on internal buffers. These buffers are different from the system buffers mentioned previously in the buffer description. Broadcast storms and bursts of noise can cause the ignored count to be increased.
collisions: Number of messages retransmitted due to an Ethernet collision. Collisions are a normal part of Ethernet carrier sense multiple access with collision detection (CSMA/CD). Excessive collisions are usually the result of a faulty network interface card somewhere on the Ethernet or an overextended LAN (Ethernet or transceiver cable too long, more than two repeaters between stations, or too many cascaded multiport transceivers). The total number of collisions with respect to total output packets should be around 0.1 percent or less. A packet that collides is counted only once in output packets.
interface resets: Number of times an interface has been completely reset. This can happen if packets queued for transmission were not sent within several seconds. Interface resets can also occur when an interface is looped back or shut down.
carrier transitions: Number of times the carrier detect signal of a serial interface has changed state. If data carrier detect (DCD) goes down and comes up, the carrier transition counter will increment two times. Indicates modem or line problems if the carrier detect line is changing state often.
DCD, DSR, DTR, RTS, CTS: Indicates whether the control leads between the DCE and DTE device are in an up or down status. If any are in a down status, the interface will be down.
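As an added example, not from the course, the following Python applies the thresholds given in the field descriptions above (CRC and runt errors per million bytes received, broadcasts as a share of input packets, collisions as a share of output packets, interface and line-protocol status, control-lead state) to show interface output. Both sample outputs are constructed: the first is the serial display above with its counters raised so that several thresholds trip, the second is a link whose control leads have dropped.

```python
"""Apply the show interface troubleshooting thresholds to captured output.
Added example; the sample outputs below are constructed."""
import re

# Constructed: the serial output above with counters raised so that the
# CRC, broadcast and collision thresholds trip.
NOISY_LINK = """\
Serial0/0 is up, line protocol is up
  Hardware is PowerQUICC Serial
  Internet address is 148.43.200.2/30
  MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation HDLC, loopback not set
  Keepalive set (10 sec)
     2000000 packets input, 1500000000 bytes, 0 no buffer
     Received 500000 broadcasts, 3 runts, 0 giants, 0 throttles
     1700 input errors, 1650 CRC, 50 frame, 0 overrun, 0 ignored, 0 abort
     1900000 packets output, 1400000000 bytes, 0 underruns
     0 output errors, 4000 collisions, 5 interface resets
     40 carrier transitions
     DCD=up  DSR=up  DTR=up  RTS=up  CTS=up
"""

# Constructed: a quiet link whose DCE has dropped DCD, DSR and CTS.
LEAD_DOWN = """\
Serial0/1 is down, line protocol is down
  Hardware is PowerQUICC Serial
     80 packets input, 6472 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     79 packets output, 6656 bytes, 0 underruns
     0 output errors, 0 collisions, 5 interface resets
     4 carrier transitions
     DCD=down  DSR=down  DTR=up  RTS=up  CTS=down
"""


def _num(text, pattern):
    """First integer captured by pattern, or 0 when that line is absent."""
    m = re.search(pattern, text)
    return int(m.group(1)) if m else 0


def parse_counters(text):
    """Pull the status line and the counters the checks need into a dict."""
    status = re.search(r"^(\S+) is (.+?), line protocol is (\S+)", text, re.M)
    return {
        "interface": status.group(1),
        "hardware": status.group(2),      # up / down / administratively down
        "protocol": status.group(3),
        "packets_input": _num(text, r"(\d+) packets input"),
        "bytes_input": _num(text, r"packets input, (\d+) bytes"),
        "broadcasts": _num(text, r"Received (\d+) broadcasts"),
        "runts": _num(text, r"(\d+) runts"),
        "crc": _num(text, r"(\d+) CRC"),
        "packets_output": _num(text, r"(\d+) packets output"),
        "collisions": _num(text, r"(\d+) collisions"),
        "leads_down": re.findall(r"(DCD|DSR|DTR|RTS|CTS)=down", text),
    }


def evaluate(c):
    """Return warnings using the thresholds stated in the field descriptions."""
    warnings = []
    if c["hardware"] != "up" or c["protocol"] != "up":
        warnings.append(f"{c['interface']} is {c['hardware']}, line protocol is {c['protocol']}")
    if c["leads_down"]:
        warnings.append("control leads down: " + ", ".join(c["leads_down"]))
    mbytes = c["bytes_input"] / 1e6           # million bytes received
    if mbytes and c["crc"] / mbytes > 1:
        warnings.append(f"CRC errors {c['crc'] / mbytes:.2f} per million bytes (> 1)")
    if mbytes and c["runts"] / mbytes > 1:
        warnings.append(f"runts {c['runts'] / mbytes:.2f} per million bytes (> 1)")
    if c["packets_input"] and c["broadcasts"] / c["packets_input"] > 0.20:
        share = 100 * c["broadcasts"] / c["packets_input"]
        warnings.append(f"broadcasts are {share:.0f}% of input packets (> 20%)")
    if c["packets_output"] and c["collisions"] / c["packets_output"] > 0.001:
        share = 100 * c["collisions"] / c["packets_output"]
        warnings.append(f"collisions are {share:.2f}% of output packets (> 0.1%)")
    return warnings


if __name__ == "__main__":
    for sample in (NOISY_LINK, LEAD_DOWN):
        for warning in evaluate(parse_counters(sample)):
            print(warning)
```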

Show IP Interface Brief

router2#show ip interface brief                   (snapshot status of all interfaces)
Interface        IP-Address    OK? Method Status                 Protocol
FastEthernet0/0  unassigned    YES unset  administratively down  down
Serial0/0        148.43.200.2  YES manual up                     up
Serial0/1        unassigned    YES unset  administratively down  down

Interface: interface of the router
IP-Address: IP address assigned to the interface
OK?: did the interface pass the POST (power on self test) during the boot process
Method: method used to configure the interface – unset, manual, NVRAM
Status: layer 1 status of the interface, up/down
Protocol: status of the layer 2 protocol, up/down

Show CDP Neighbor

router2#show cdp neighbor                         (Cisco Discovery Protocol; layer 2 protocol for Cisco devices to exchange hardware information)
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
router1          Ser 0/0            127         R S        2620XM    Ser 0/0

Device ID: host name of the neighbor device
Local Intrfce: interface of the local Cisco device attached to the neighbor
Holdtime: decremented holdtime in seconds (default is 180); if a CDP packet is not received within the holdtime, the neighbor is declared dead.
Capability: capability of the neighbor device – R for router, S for switch, H for host, etc.
Platform: model number of the neighbor device.
Port ID: interface of the neighbor device used to receive CDP information.

Show CDP Neighbor Detail

UHN_66030_ST2R#show cdp neighbor detail
-------------------------
Device ID: JNN_77050_NV1S                         (hostname of neighbor device)
Entry address(es):
  IP address: 10.5.1.2                            (IP address of CDP neighbor)
Platform: cisco WS-C2950-24,  Capabilities: Switch IGMP        (info on hardware platform of neighbor)
Interface: FastEthernet0/0,  Port ID (outgoing port): FastEthernet0/2   (local outgoing interface, followed by neighbor’s i/f)
Holdtime : 159 sec

Version :                                         (neighbor’s IOS info)
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(14)EA1a, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Tue 02-Sep-03 03:33 by antonino

advertisement version: 2
Protocol Hello:  OUI=0x00000C, Protocol ID=0x0112; payload len=27, value=00000000FFFFFFFF010221FF000000000000000E834953C0FF0000
VTP Management Domain: ''
Duplex: full

Show Controllers - Clear Commands

router2#show controllers s0/0                     (shows if interface is acting as a DCE or DTE, layer 1 specification/cable type, and clock rate)
Interface Serial0/0
Hardware is PowerQUICC MPC860
DCE V.35, clock rate 250000
idb at 0x829F4D30, driver data structure at 0x829FCACC
SCC Registers:

router2#clear counters s0/0                       (resets all interface counter statistics to 0)

router2#clear ip route *                          (removes all entries from the routing table and forces the router to rebuild it)

Cisco Router Cheat Sheet

The following commands are executed by pressing the appropriate key:

• Question Mark: Gets help.

o Use at any prompt to see what commands can be executed there.

o Type in the beginning of a command, followed directly by a question mark (no space in between), to see the commands starting with those characters.

o Type in a command, then a space, then a question mark, to see options.

• Q: When in user or privileged EXEC mode, logs you out of the router.

• Tab: Completes a partial command name entry.

• Backspace: Erases the character to the left of the cursor.

• Return: When at the "---More---" prompt, displays the next line.

• Space Bar: When at the "---More---" prompt, displays the next screen.

• Left Arrow: Moves the cursor one character to the left (same as Ctrl-B).

• Right Arrow: Moves the cursor one character to the right (same as Ctrl-F).

• Up Arrow: Recalls commands in the history buffer, beginning with the most recent command (same as Ctrl-P).

• Down Arrow: Recalls more recent commands in the history buffer (same as Ctrl-N).

The following commands are executed by pressing the keys simultaneously:

• Ctrl-A: Moves the cursor to the beginning of the line.

• Ctrl-B: Moves the cursor back one character (same as Left Arrow).

• Ctrl-C: When in any config mode, ends the config mode and returns you to privileged EXEC mode.

• Ctrl-D: Deletes the character at the cursor.

• Ctrl-E: Moves the cursor to the end of the command line.

• Ctrl-F: Moves the cursor forward one character (same as Right Arrow).

• Ctrl-I: Redisplays the system prompt and command line (same as Ctrl-L and Ctrl-R).

• Ctrl-K: Deletes all characters from the cursor to the end of the command line.

• Ctrl-L: Redisplays the system prompt and command line (same as Ctrl-I and Ctrl-R).

• Ctrl-N: Recalls more recent commands in the history buffer (same as Down Arrow).

• Ctrl-P: Recalls commands in the history buffer, beginning with the most recent command (same as Up Arrow).

• Ctrl-R: Redisplays the system prompt and command line (same as Ctrl-I and Ctrl-L).

• Ctrl-T: Transposes the character to the left of the cursor with the character located at the cursor.

• Ctrl-U: Deletes all characters from the cursor back to the beginning of the command line (same as Ctrl-X).

• Ctrl-V: Inserts a code to indicate to the system that the keystroke immediately following should be treated as a command entry, not as an editing key (same as Esc Q).

• Ctrl-W: Deletes the word to the left of the cursor.

• Ctrl-X: Deletes all characters from the cursor back to the beginning of the command line (same as Ctrl-U).

• Ctrl-Y: Recalls the most recent entry in the delete buffer. The delete buffer contains the last ten items you have deleted or cut. Ctrl-Y can be used in conjunction with Esc Y.

• Ctrl-Z: When in a config mode, ends the config mode and returns you to privileged EXEC mode. When in user or privileged EXEC mode, logs you out of the router.

• Ctrl-Shift-6: All-purpose break sequence. Use to abort DNS lookups, traces, pings, etc.

• Ctrl-Shift-6, followed by X: Suspends (but doesn't terminate) a telnet session. To see the open sessions, use "show sessions". To return to a suspended session, enter that session's number followed by the Return key. To return to the most recently suspended session, hit the Return key at the EXEC mode prompt.

The following commands are executed by pressing and releasing the escape key, and then pressing the appropriate letter:

• Esc B: Moves the cursor back one word.

• Esc C: Capitalizes the word from the cursor to the end of the word.

• Esc D: Deletes from the cursor to the end of the word.

• Esc F: Moves the cursor forward one word.

• Esc L: Changes the word to lowercase from the cursor to the end of the word.

• Esc Q: Inserts a code to indicate to the system that the keystroke immediately following should be treated as a command entry, not as an editing key (same as Ctrl-V).

• Esc U: Capitalizes from the cursor to the end of the word.

• Esc Y: Recalls the next buffer entry. The buffer contains the last ten items you have deleted. Press "Ctrl-Y" first to recall the most recent entry. Then do "Esc Y" up to nine times to recall the remaining entries in the buffer. If you bypass an entry, continue to press "Esc Y" to cycle back to it.

You will also find the following commands to be useful (when specifying [options], do not include the [brackets]):

• conf t: When in privileged EXEC mode, puts you into global config mode.

• copy run start: Saves the running config to NVRAM. This is an overwrite.

• copy start run: Merges the startup config into the running config. This is NOT an overwrite.

• debug [option]: Starts the specified debugging. Use "debug ?" to see the choices.

• en (enable): When in user EXEC mode, gets you into privileged EXEC mode.

• end: When in a config mode, takes you back to privileged EXEC mode.

• ex (exit): When in user or privileged EXEC mode, logs you out of the router. When in global config mode, takes you to privileged EXEC mode. When in a specific config mode, takes you back to global config mode.

• int [type number]: When in any config mode, takes you to interface config mode for the specified interface.

• logg sync (logging synchronous): When in line config mode, turns on automatic redisplay of command lines interrupted by console messages.

• no logging console: When in global config mode, shuts off informational messages ("logging console" turns them back on).

• no ip domain-lookup: When in global config mode, shuts off DNS name resolution ("ip domain-lookup" turns it back on).

• router [protocol AS-number]: When in global config mode, takes you to router config mode for the specified IP routing protocol.

• term mon (terminal monitor): When in line config mode, sends debugging messages to the chosen terminal line.

• un all (undebug all): When in privileged EXEC mode, shuts off all debugging.

Commonly used "show" commands (when specifying [options], don't include the [brackets]):

• sh config: The obsolete, pre-10.3 version of "sh start".

• sh cont [type number]: Layer-1 info for specified interface, including cable type, DTE/DCE, etc. Example: "sh cont e 3" (NOT "sh cont e3").

• sh int [type number]: Layer-2 info for specified interfaces. Example: "sh int e0".

• sh [protocol] int [type number]: Layer-3 info for the specified protocol and interface. Example: "sh ip int s2".

• sh proto: Active Layer 3 protocols.

• sh ip proto: Active IP routing protocols.

• sh [protocol] route: Routing table for the specified protocol. Example: "sh ip route".

• sh run (show running-config): Shows the running config. Obsoletes "write terminal".

• sh start (show startup-config): Shows the startup config. Obsoletes "show config".

• wr term: The obsolete, pre-10.3 version of "sh run".

Copy TFTP commands (used to backup and restore configs and IOS):

• copy flash tftp: Copies a file from flash to a TFTP server.

• copy run tftp: Copies the running config to a TFTP server.

• copy start tftp: Copies the startup config to a TFTP server.

• copy tftp flash: Copies a file from a TFTP server to flash.

• copy tftp run: Merges a file on the TFTP server into the running config.

• copy tftp start: Replaces the startup config with a file from a TFTP server.

• Hints for "copy" commands, which involve a TFTP server ...

o Make sure that the TFTP server software is configured and running.

o Make sure that the router can see the TFTP server (PING it).

o Execute the appropriate "copy" command.

o Make sure that you READ THE QUESTIONS before you answer them!

Useful terms:

• Flash: Special type of RAM that does not lose its contents when power is removed. Used to store IOS.

• IOS (Internetwork Operating System): Cisco's operating system. Stored in flash.

• NVRAM (Non-Volatile RAM): RAM with a battery attached, used to store the startup config.

• POST (Power-On Self-Test): Diagnostics performed at boot-up, tests the hardware.

• RAM (Random-Access Memory): Stores frequently-changing data, such as ARP caches, routing tables, packets awaiting forwarding, etc.

• ROM (Read-Only Memory): Chipset on system board where POST and boot loader (and, on some routers, an IOS subset) are stored.

• running config (also known as "current" or "active" config): How the router is currently configured. Stored in RAM.

• startup config (also known as "backup" config): How the router will be configured at the next restart. Stored in NVRAM.

Remember ...

• Show commands do not work from ANY config mode.

• Config commands do not work from user or privileged EXEC mode.

• Hot keys and command keywords are not case-sensitive, BUT PASSWORDS ARE!

• Some of these commands work on some of the switches.

Introduction To Router Operations

Review Questions

1. What is the intended purpose of the auxiliary connection on the router?
a. Local PC.  b. Testing.  c. Has no function.  d. Dial-up modem.

2. The CF indicator light is on. What does this indicate?
a. A CF card is installed.  b. The CF card is operational, with no faults.  c. It is safe to remove the CF card.  d. The CF card is being accessed, and should not be removed.

3. What is the maximum amount of flash memory that can be installed in the 2811 router?
a. 256 MB  b. 64 MB  c. 484 MB  d. 8 MB

4. How many AIM slots are in the 2811 routers?
a. 1  b. 2  c. 3  d. 4

5. What is the main purpose of ROM?
a. Contains IOS.  b. Contains configuration file.  c. Contains bootstrap software.  d. Contains routing table.

6. How many Fast Ethernet interfaces are built in to the 2811 router chassis?
a. 1  b. 2  c. 3  d. 4

7. A network module has two Ethernet interfaces side by side. Facing the back of the router, the one on the left would be numbered:
a. e 0 / 0  b. e 1 / 0  c. e 0 / 1  d. e 1 / 2

8. Which of the following is true?
a. DTE clocks DCE.  b. A router is normally DCE.  c. DTE/DCE relationship defines the direction of signals on an interface.  d. A modem is usually a DTE.

9. Control leads:
a. Always exist between two communications devices.  b. Carry timing signals.  c. Are designed to control the flow of data.  d. Are not present on a router serial interface.

10. Why must control leads be “looped” on a router serial interface?
a. For testing.  b. DCE device does not support control leads.  c. Only on an EIA 530 interface.  d. Always done during initial link installation.

11. If only using one WIC serial interface on the 2811 router, the max data rate is:
a. 8 MBps  b. 4 MBps  c. 1 MBps  d. 2 MBps

12. A 10base2 connection is
a. RJ45/CAT5 cable.  b. BNC/RG-58 cable.  c. Fiber.  d. RS-449.

13. A configuration register setting of _______ will result in a normal boot sequence.
a. 0x2142  b. 0x2102  c. 0x2012  d. 0x2412

14. On an FE RJ45 “cross over” cable, which pins must be connected together?
a. 1 – 3, 2 – 6, 3 – 1, 6 – 2  b. 1 – 6, 2 – 3, 6 – 1, 3 – 2  c. 1 – 3, 2 – 6, 4 – 7, 5 – 8  d. 1 – 3, 2 – 4, 5 – 7, 6 – 8

15. What type of RJ45 cable must be used between the PC and router console port?
a. Straight through.  b. Crossover.  c. Rollover.  d. DB 9 – DB 37.

16. To access a router through an Ethernet or serial interface:
a. The PC must support TFTP.  b. The router must be configured to support IP traffic.  c. You must have network passwords.  d. The PC must be operating with NT 4.0.

17. When the router is turned on, what is checked first to determine boot sequence?
a. IOS.  b. TFTP.  c. NVRAM.  d. Configuration Register.

18. What does IOS stand for?
a. Integrated Operating System.  b. Internetwork Operating System.  c. International Organization of Standards.  d. In/Out Sequencer.

19. If the router cannot find a valid configuration file, which mode does it enter?
a. User exec.  b. Global configuration.  c. Set up.  d. Privileged exec.

20. Which information is available from the show version command?
a. Routing table.  b. Host name.  c. Passwords.  d. Configuration register settings.

21. Which command will show the amount of Flash installed in the router?
a. Show Flash.  b. Show Version.  c. Show Running Configuration.  d. Both a and b.

22. What information will show controllers provide?
a. Router processor utilization.  b. Number of errors received.  c. Amount of time interface has been active.  d. Type of cable connected to a serial interface.

23. Under the show interface command, the bandwidth statement configured on the interface is shown. This bandwidth configuration does what?
a. Sets link data bandwidth.  b. Used by routing protocols to calculate metrics.  c. Determines packet size.  d. Sets clock rate.

24. A file is copied into the start-up configuration. Which of the following is true?
a. The router running configuration is reset immediately.  b. The IOS is modified.  c. Nothing changes until the router reboots.  d. Routing table is deleted and rebuilt.

25. The CF Flash contains:
a. Configuration file.  b. NVRAM.  c. IOS.  d. ROM.

26. Show IP Int Brief:
a. Shows an error count.  b. Shows type of encapsulation.  c. Shows control lead status.  d. Shows interface IP address.

27. Show IP Route:
a. Displays multi-path options.  b. Displays the routing table.  c. Displays OSPF database.  d. Displays Ethernet error count.

28. The running configuration:
a. Is in RAM.  b. Is in NVRAM.  c. Is in Flash.  d. Is in ROM.

29. Changes made to the running configuration:
a. Are automatically copied to NVRAM.  b. Are lost if router is powered down.  c. Are stored in ROM.  d. Are sent to the TFTP server.

30. If two routers’ directly connected active serial interfaces are correctly connected and configured, except for incorrectly numbered IP addresses, a ‘show ip interface brief’ command on either router will show what status in the two right-hand columns?
a. up / down  b. down / down  c. administratively down / down  d. up / up

31. In the scenario in question 30, which of these valid commands can be used on your router to determine the neighbor router’s interface IP address?
a. sho run  b. sho cdp nei det  c. sho int S0/0/0  d. sho ip int br

TAB

Insert Tab # 6 Here

Introduction to Routing and Static Route Lab

What is Routing?

• Routing is the process of determining the best path through a topology to reach a destination network. The router does this by building and referencing the routing table.

[Figure: a router at a junction of several links, each labelled "Which Path?"]

Routing is the process of determining the best path for packets through an internetwork based on OSI layer three addressing. The destination address of each packet is examined, then stored information (the routing table) about destination networks is examined to determine the best path. These packets are then directed from a source network to the destination network. Through the use of dynamic routing protocols, routers exchange information concerning the state of destination networks. This information is then used to build the routing table. Different routing protocols use different criteria for determining the best route.

What is Switching?

[Figure: a router with interfaces e0, s0, s1 and s2 connected to networks A, X, Y and Z; its routing table lists Network X – s0, Network Y – s1, Network Z – s2, Network A – e0]

Switching is the process of moving packets within a router from an incoming interface to an outgoing interface. The routing table is consulted to determine the outgoing interface.

Switching, in relation to routers, is the process of taking an incoming packet from an interface and delivering it out another interface. The router determines the best path by consulting the routing table; the table lists the interface the packet must exit to take the path. Routers employ different types of switching. The most basic has the router building a table or cache of destination addresses as packets are routed out certain interfaces. From this point on, the switching cache is consulted before the routing table, and if an exact match is found, the packet is immediately switched to the appropriate exit interface. This dramatically speeds up the delivery of packets. The phrase “route few, switch many” is used to describe this process. The separate functions of routing and switching work together to move data as fast as possible: after the routing function decides which outgoing interface to use for addressed packets, the switching function can use the same interface for any identically addressed follow-on packets. A new route look-up is not needed.


Routing Uses Network Addresses

Destination Network    Router Port    Router Address
10.1.0.0               E0             10.1.23.7
10.2.0.0               E1             10.2.5.3
10.3.0.0               E2             10.3.15.14

(Diagram: the router's three ports E0 = 10.1.23.7, E1 = 10.2.5.3 and E2 = 10.3.15.14 each lead toward networks 10.1.0.0, 10.2.0.0 and 10.3.0.0.)

• Network portion of address used to make path selections.

• Packets are routed to networks, not hosts.

• Packets are delivered to host via layer 2 (ARP).

Routers relay a packet from one data link to another. To relay a packet, a router uses two basic functions: a path determination function and a switching function. The graphic illustrates how routers use the addressing for routing and switching functions. Although the path determination function sometimes is able to calculate the complete path from the router to the destination, a router is responsible only for passing the packet to the best network along the path. This best path is represented as a direction to a destination network—like the arrows in the figure pointing to the next hop. The router uses the network portion of the address to make path selections. The switching function allows a router to accept a packet on one interface and forward it on a second interface. The path determination function enables the router to select the most appropriate interface for forwarding a packet. The network portion of the address refers to a specific port on the router that leads to an adjacent router in that direction.


Network-Layer Protocol Operations

(Diagram: hosts X and Y each run the full seven-layer stack, Application through Physical; the routers A, B and C between them operate only at the Network, Data Link and Physical layers.)

As packets travel through the network, only layers 1-3 are examined and/or altered.

When a host application needs to send a packet to a destination on a different network, a data-link frame is received on one of a router’s interfaces. The router decapsulates and examines the frame to determine what type of network-layer data is being carried. The network-layer data is sent to the appropriate network-layer process, and the frame itself is discarded. The network-layer process examines the header to determine the destination network and then references the routing table that associates networks to outgoing interfaces. The packet is again encapsulated in the data-link frame for the selected interface and queued for delivery to the next hop in the path. This process occurs each time the packet switches through another router. At the router connected to the network containing the destination host, the packet is again encapsulated in the destination LAN’s data-link frame type for delivery to the protocol stack on the destination host.


What is a Routing Table?

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is 148.18.16.255 to network 0.0.0.0

148.18.0.0/16 is variably subnetted, 51 subnets, 6 masks
D 148.18.120.252/30 [90/1787392] via 148.18.16.255, 03:46:01, Serial2/0
D 148.18.14.128/30 [90/11023872] via 148.18.16.255, 03:45:33, Serial2/0
                   [90/11023872] via 148.18.14.255, 03:45:33, Serial1/2
D 148.18.14.129/32 [90/11023872] via 148.18.16.255, 03:46:01, Serial2/0
D 148.18.14.130/32 [90/11023872] via 148.18.14.255, 03:45:33, Serial1/2
D 148.18.106.224/30 [90/10563072] via 148.18.57.255, 03:46:05, Serial3/0
D 148.18.104.224/29 [90/6026496] via 148.18.19.255, 03:46:01, Serial1/1
C 148.18.110.248/30 is directly connected, Ethernet0/2
D 148.18.104.255/32 [90/6151936] via 148.18.19.255, 03:46:26, Serial1/1
D 148.18.102.244/30 [90/3037440] via 148.18.19.255, 03:46:26, Serial1/1
D 148.18.111.255/32 [90/10716672] via 148.18.57.255, 00:48:39, Serial3/0
D 148.18.20.132/30 [90/11023872] via 148.18.57.255, 03:46:05, Serial3/0
S 148.18.110.244/30 [1/0] via 148.18.110.250
D*EX 0.0.0.0/0 [170/2767360] via 148.18.16.255, 03:45:34, Serial2/0

A routing table is what the router uses to determine where to send packets. The table lists each network and the router interface a packet must exit to reach it. To build the table, the router uses administrative distance as the first factor in determining which routes are placed into the table. If routes have the same distance, the cost or metric is then used.


Longest Match Rule

D 148.18.20.132/30 [90/11023872] via 148.18.57.255, 03:46:05, Serial3/0

S 148.18.110.244/30 [1/0] via 148.18.110.250

D*EX 0.0.0.0/0 [170/2767360] via 148.18.16.255, 03:45:34, Serial2/0

A packet with an address of 148.18.20.133 is a match for both of these entries. Which interface will the packet exit?

• When there are multiple matches in a routing table for incoming packets, the entry with the most explicit or longest mask is the entry utilized.

• In the above example, the packet would be routed out interface S3/0.

All routers must implement a consistent forwarding algorithm based on the "longest match" algorithm. The deployment of VLSM means that the set of networks associated with extended-network-prefixes may manifest a subset relationship – that is, one or more of the subnets listed in the routing table may be smaller parts of other larger networks listed in the table. A route with a longer extended-network-prefix describes a smaller set of destinations than the same route with a shorter extended-network-prefix. As a result, a route with a longer extended-network-prefix is said to be more specific, while a route with a shorter extended-network-prefix is said to be less specific. Routers must use the route with the longest matching extended-network-prefix (most specific matching route) when forwarding traffic. A longer mask means a smaller network, so forwarding packets to that routing table entry gets the packets closer to home.
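The longest-match lookup described above, as an added worked example (not part of the course material): the three entries from the slide are loaded into a small table and the lookup returns the most specific matching entry, independent of the order the entries appear in. The table format (prefix, next hop or exit interface) and the function names are assumptions for this example.

```python
import ipaddress

# Constructed from the three entries shown on the "Longest Match Rule" slide:
# (destination prefix, next hop or exit interface). 0.0.0.0/0 is the gateway of last resort.
ROUTING_TABLE = [
    ("148.18.20.132/30", "Serial3/0"),
    ("148.18.110.244/30", "148.18.110.250"),
    ("0.0.0.0/0", "Serial2/0"),
]


def longest_match(table, destination):
    """Return (network, via) for the matching entry with the longest prefix.

    Every entry whose network contains the destination is a candidate; the one
    with the longest mask (the most specific route) wins. Table order does not
    matter. Returns None when nothing matches, which can only happen when the
    table has no default route.
    """
    dst = ipaddress.ip_address(destination)
    best = None
    for prefix, via in table:
        net = ipaddress.ip_network(prefix, strict=False)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, via)
    return best


def exit_for(table, destination):
    """Just the next hop / exit interface the packet will use, or None if unroutable."""
    match = longest_match(table, destination)
    return None if match is None else match[1]


def matching_entries(table, destination):
    """All entries that contain the destination, most specific first.

    Shows the subset relationship the text describes: a /30 route lies inside
    the 0.0.0.0/0 default, so both match, and the /30 is preferred.
    """
    dst = ipaddress.ip_address(destination)
    nets = [(ipaddress.ip_network(p, strict=False), via) for p, via in table]
    hits = [(n, via) for n, via in nets if dst in n]
    return sorted(hits, key=lambda item: item[0].prefixlen, reverse=True)


if __name__ == "__main__":
    for dst in ("148.18.20.133", "148.18.110.245", "10.1.1.1"):
        print(dst, "->", exit_for(ROUTING_TABLE, dst))
```

148.18.20.133 lies in both 148.18.20.132/30 and 0.0.0.0/0; the /30 wins and the packet exits Serial3/0. An address that matches only the default route, such as 10.1.1.1, follows the gateway of last resort out Serial2/0.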


How is a Routing Table Built?

Candidate Routes Being Offered (diagram):

STATIC: network 192.10.1.0/24 via s0
OSPF: network 192.10.1.0/24 via s1
RIP: network 192.10.1.0/24 via s2

The router can learn about the same network from multiple sources (protocols). How does the router determine which source’s information to use?

Route information can come from many different sources. When the router receives the same route information from multiple sources, it must decide which source’s information to use (install into the routing table). How does it do this?


Choosing a Candidate Route

Distance & Metrics

O 148.43.200.101/32 [110/455]

In this routing table entry, 110 is the distance and 455 is the metric.

When deciding what route information is installed into the routing table, the router looks at two things: distance and metrics.


Administrative Distance

(Diagram: Router A reaches Router D through either Router B or Router C. One path is learned via interface 128.31.7.1 with administrative distance 100, the other via interface 128.5.1.3 with administrative distance 120.)

I need to send a packet to Router D. Both router B and C will get it there. Which route is more reliable?

Administrative distance is a rating of the trustworthiness of a routing information source, such as an individual router or a group of routers running a particular routing protocol. Distance is an integer from 0 to 255; in general, the higher the value, the lower the trust rating. A distance of 255 means the routing information source cannot be trusted at all and should be ignored. Specifying distance values enables the router to discriminate between sources of routing information. The router always picks the route whose source has the lowest distance.


Administrative Distance Defaults

Connected Interface 0

Static Route 1

RIP 120

IGRP 100

EIGRP 90

OSPF 110

BGP 20

Administrative distance can be manually configured on the router to give certain routing protocols preference over others. Under the desired routing protocol configuration, use the distance command.


Metrics

Metric is used to determine the best path when multiple routes to a destination are received from the same source (equal distance).

The router uses values such as bandwidth, delay, MTU, load & reliability to calculate the metric. These values are assigned to the router interface and the metric is applied on an outgoing basis.

(Diagram: several paths from Source to Destination over links of differing bandwidth: 256 kbps, 512 kbps, 768 kbps, T1 and 10 Mbps.)

Once a routing information source has been selected using administrative distance, it is possible to get multiple path information for the same destination from the same source. How does the router decide which is the preferred path? Metrics are used to determine this. Different routing protocols use different variables to determine the metric value. Examples of the variables used are things such as hop count, bandwidth, delay, reliability, load, and MTU.
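The two-step selection described on the "How is a Routing Table Built?", "Administrative Distance" and "Metrics" slides, as an added worked example (not part of the course material): candidate routes are first filtered by the administrative distance of their source, then by metric, and equal-metric survivors are all installed. The distance values come from the defaults table above; the candidate list, the tuple layout (prefix, source, metric, exit interface) and the function names are assumptions for this example.

```python
# Default administrative distances from the "Administrative Distance Defaults" slide.
ADMIN_DISTANCE = {
    "connected": 0, "static": 1, "bgp": 20, "eigrp": 90,
    "igrp": 100, "ospf": 110, "rip": 120,
}
UNTRUSTED = 255  # a source rated 255 is never installed

# One-letter codes as printed by 'show ip route'
CODES = {"connected": "C", "static": "S", "bgp": "B", "eigrp": "D",
         "igrp": "I", "ospf": "O", "rip": "R"}


def build_routing_table(candidates, admin_distance=ADMIN_DISTANCE):
    """Install routes from candidates given as (prefix, source, metric, exit).

    Step 1: per prefix, keep only offers from the source with the lowest
            administrative distance (a distance of 255 is dropped outright).
    Step 2: among those, keep the lowest metric. Offers that tie on metric are
            all installed (equal-cost paths).
    Returns {prefix: [(source, distance, metric, exit), ...]}.
    """
    offers = {}
    for prefix, source, metric, exit_if in candidates:
        distance = admin_distance.get(source, UNTRUSTED)
        if distance >= UNTRUSTED:
            continue
        offers.setdefault(prefix, []).append((source, distance, metric, exit_if))

    table = {}
    for prefix, routes in offers.items():
        best_distance = min(r[1] for r in routes)
        trusted = [r for r in routes if r[1] == best_distance]
        best_metric = min(r[2] for r in trusted)
        table[prefix] = [r for r in trusted if r[2] == best_metric]
    return table


def format_entry(prefix, route):
    """Render an installed route like an IOS line: 'O 192.10.1.0/24 [110/455] via s1'."""
    source, distance, metric, exit_if = route
    return f"{CODES.get(source, '?')} {prefix} [{distance}/{metric}] via {exit_if}"


# Constructed candidates: the slide's 192.10.1.0/24 offered by STATIC, OSPF and RIP,
# an OSPF network with three paths (two of equal cost), and a source rated 255.
CANDIDATES = [
    ("192.10.1.0/24", "static", 0, "s0"),
    ("192.10.1.0/24", "ospf", 455, "s1"),
    ("192.10.1.0/24", "rip", 3, "s2"),
    ("10.20.0.0/16", "ospf", 200, "s1"),
    ("10.20.0.0/16", "ospf", 120, "s2"),
    ("10.20.0.0/16", "ospf", 120, "s3"),
    ("172.16.5.0/24", "unknown-protocol", 1, "s4"),  # distance 255: ignored
]

if __name__ == "__main__":
    for prefix, routes in build_routing_table(CANDIDATES).items():
        for route in routes:
            print(format_entry(prefix, route))
```

For 192.10.1.0/24 the static route wins on distance even though RIP offers a metric of 3, because metric is only compared between offers from the same source. Raising the static route's distance above 110 (the optional distance argument of ip route, or the distance command for a protocol) hands the prefix to OSPF instead.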


Classful Routing

• Classful routing protocols are a consequence of the distance vector method of route calculation.

- RIPv1
- IGRP

Routing masks are not carried within the periodic routing updates.

• Within a network, consistency of masks is assumed.

Classful protocols do not ‘get’ VLSM. All subnets within your network must have the same mask.

Classful routing is a consequence of the fact that routing masks are not advertised in the periodic, routine routing advertisements generated by most distance vector routing protocols. In a classful environment, the receiving device must know the routing mask associated with any advertised subnets. This information can be gained in two ways:

• The receiving device shares the same routing mask as the advertising device.

• If the mask does not match, the receiving device must use the default routing mask. This means the device must summarize the received route into a classful boundary before sending it with the default routing mask in its own advertisement.


Classless Routing

• Classless routing protocols include the routing mask with the route advertisement.

- OSPF
- EIGRP
- RIPv2
- IS-IS
- BGP

• Summary routes can be manually controlled within the network.

Classless routing protocols can be considered second-generation protocols because they are designed to deal with some of the limitations of the earlier classful protocols. One of the most serious limitations in a classful network environment is that the routing mask is not exchanged during the routing update process. This original approach required the same routing mask be used on all subnetworks. The classless approach advertises the routing mask for each route and therefore a more precise lookup can be performed in the routing table. Classless routing protocols also addressed another limitation of the classful approach: the need to summarize to a classful network with a default routing mask at all major network boundaries. In the classless environment, the summarization process is manually controlled and can be invoked at any bit position (i.e., using any length of mask) with the network address. Some of the hierarchical designs using OSPF allow summarization at any bit position, but restrict configuring summarization to specific devices, such as area border routers. Since subnet routes are propagated throughout the routing domain, summarization is required to keep the size of the routing table manageable.


Types of Routing Protocols

Distance Vector: RIP, IGRP

Hybrid Routing: EIGRP

Link State: OSPF

(Diagram: each protocol type illustrated on the same four-router topology, routers A, B, C and D.)

Distance vector algorithms are based on the work of R. E. Bellman, L. R. Ford, and D. R. Fulkerson and for this reason are occasionally referred to as Bellman-Ford or Ford-Fulkerson algorithms. The name distance vector is derived from the fact that routes are advertised as vectors of (distance, direction), where distance is defined in terms of a metric and direction is defined in terms of the next-hop router. For example, "Destination A is a distance of 5 hops away, in the direction of next-hop router X.” As that statement implies, each router learns routes from its neighboring routers' perspectives and then advertises the routes from its own perspective. Because each router depends on its neighbors for information, which the neighbors in turn may have learned from their neighbors, and so on, distance vector routing is sometimes facetiously referred to as "routing by rumor”. The information available to a distance vector router has been compared to the information available from a road sign.

Link state routing protocols are like a road map. A link state router cannot be fooled as easily into making bad routing decisions, because it has a complete picture of the network. The reason is that unlike the routing-by-rumor approach of distance vector, link state routers have firsthand information from all their peer routers. Each router originates information about itself, its directly connected links, and the state of those links (hence the name). This information is passed around from router to router, each router making a copy of it, but never changing it. The ultimate objective is that every router has identical information about the internetwork, and each router will independently calculate its own best paths. Link state protocols, sometimes called shortest path first or distributed database protocols, are built around a well-known algorithm from graph theory, E. W. Dijkstra's shortest path algorithm.

Hybrid Routing, commonly referred to as balanced-hybrid routing, is a combination of distance-vector routing, which works by sharing its knowledge of the entire network with its neighbors, and link-state routing, which works by having the routers tell every router on the network about its closest neighbors. Hybrid Routing is a third classification of routing algorithm. Hybrid routing protocols use distance vectors for more accurate metrics to determine the best paths to destination networks, and report routing information only when there is a change in the topology of the network. Hybrid routing allows for rapid convergence but requires less processing power and memory as compared to link-state routing.


Routing Protocol Design

Distance Vector Protocols: “Routing by Rumor” Each router only knows what its neighbors tell it. None of the routers have a complete picture of the network topology. A distance vector update would say “I can get your traffic to network X, which is Y distance from me.” Can be prone to routing loops as a result of too little information.

Link State Protocols: Each router sends info about itself and its connected links to its neighbors. This info is passed along unchanged, and thus shared with all routers. Each router ends up with an identical, complete "map" of the network.

Hybrid Protocols: Routers use distance vector metrics, but have loop-avoidance mechanisms built in. Hybrid protocol routers build a much smaller database than a link state router.


Static vs. Dynamic Routes

• Static route: Uses a protocol route that a network administrator enters into the router.

• Dynamic route: Uses a route that a network routing protocol adjusts automatically for topology or traffic changes.

Static knowledge is administered manually: A network administrator enters it into the router’s configuration. The administrator must manually update this static route entry whenever an internetwork topology change occurs. Static knowledge can be private – by default, it is not conveyed to other routers as part of an update process. However, the routers can be configured to share this knowledge. Dynamic knowledge works differently. After the network administrator enters configuration commands to start dynamic routing, a routing process updates route knowledge automatically whenever new topology information is received from the internetwork. Changes in dynamic knowledge are exchanged between routers as part of the update process.


Configure Router for Network Operations

Options for Router Configuration

- System Configuration Dialog: consists of a series of questions designed to guide a user through a first-time set-up of the router

- Manual Configuration: configuration commands are typed in one by one at the Command Line Interface (CLI), or the configuration may be pasted into the CLI from a saved text file

- Configuration File Transfer from TFTP Server

Routers can be configured by following a set of questions included in the System Configuration Dialog. This method was designed as a first-time set-up routine. This initial configuration dialog can take longer than manual configuration. Manual configuration is performed by typing commands at the Command Line Interface (CLI), or pasting a series of configuration commands into the CLI from a text file. This method is most commonly used. Configurations can also be stored as back-ups on a TFTP server accessible through the network. By using ‘copy’ commands, files can be written to, or downloaded from, the server.


Static Route Lab

1. Cabling

2. Router Manual Configuration
   a. Hostname and Passwords
   b. Numbered serial interfaces
   c. Confirm configuration using 'show' commands

3. Static Routes

4. Reacting to New Networks / Topology Changes
   a. Unnumbered Serial Interfaces
   b. LANs

5. Limitations

Static Lab Instructions (Part 1)

1. Establish cabling between routers as shown in the network diagrams. Follow the step-by-step manual configuration commands on the following pages to set up hostnames and passwords, and IP addresses and other configuration on the router’s serial interface(s).

2. After Step 1, review the router configurations as a group by using the ‘show’ commands provided, and discuss DCE / DTE relationships, clock rates, and layer 2 encapsulation options.

3. Set up static routes as needed to successfully ping all routers in the network.


Serial Cabling and IP Addresses

(Diagram: Routers 1 through 7 connected by point-to-point serial links on interfaces S0/0/0 and S0/0/1. The link addresses form /30 pairs: 148.43.200.5 and .6, .9 and .10, .13 and .14, .17 and .18, .21 and .22, .25 and .26; Router 3 S0/0/0 is 148.43.200.25. All subnet masks for serial interfaces are /30.)

8 Router Alternate Configuration

(Diagram: the same topology with Router 8 added on a further /30 link using 148.43.200.37 and 148.43.200.38. All subnet masks for serial interfaces are /30.)


Hostname and Passwords

--- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: no
!
Press return to get started!
!
!
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname router3
router3(config)#enable secret secret
router3(config)#line con 0
router3(config-line)#password console
router3(config-line)#logging synchronous
router3(config-line)#login
router3(config-line)#line vty 0 15
router3(config-line)#password vty
router3(config-line)#login
router3(config-line)#^Z

Setting the password on the virtual terminal lines allows the option of telnetting in to the router for remote monitoring or troubleshooting.

Configuring a Serial Interface

Password:
router1>en
Password:
router1#config t
Enter configuration commands, one per line. End with CNTL/Z.
router1(config)#int S0/0/0
router1(config-if)#ip address 148.43.200.9 255.255.255.252
router1(config-if)#clockrate 250000
router1(config-if)#encap ppp
router1(config-if)#no shut
router1(config-if)#^Z
router1#

Use the diagrams on the preceding pages to determine your IP addresses and subnet masks. Configure one or two serial interfaces, as needed.


DCE to DTE

• DTE receives timing from DCE (directly connected).
- CSU/DSU
- Modem
- Router

• DCE interface provides clock to DTE interface.
- DCE clock rate determines at what rate the data will be transferred between the DCE/DTE.

Show Controllers S0/0/0

router5#sho controllers serial 0/0/0
HD unit 0, idb = 0xC0EE4, driver structure at 0xC6240
DCE V.35, clockrate 2000000
cpb = 0x11, eda = 0x5140, cda = 0x5000
RX ring with 16 entries at 0x115000
00 bd_ptr=0x5000 pak=0x0C87E8 ds=0x11CCA8 status=80 pak_size=22
01 bd_ptr=0x5014 pak=0x0C85F0 ds=0x11C5E8 status=80 pak_size=68
02 bd_ptr=0x5028 pak=0x0C83F8 ds=0x11BF28 status=80 pak_size=22
03 bd_ptr=0x503C pak=0x0C8200 ds=0x11B868 status=80 pak_size=68


Clock Rate

Choose a DCE interface and perform the commands below.

router5# config t
router5(config)# int s0/0/0
router5(config-if)# clock rate ?

A list of supported clock rates will be displayed.

Possible DCE Clock Rates

Speed (bits per second): 1200, 2400, 4800, 9600, 19200, 38400, 56000, 64000, 72000, 125000, 148000, 250000, 500000, 800000, 1000000

If you choose a clock rate that is not supported by the router, the nearest clock rate will be used.

Show IP Interface Brief

router5>enable
Password:
router5#show ip interface brief

Interface IP-Address OK? Method Status Protocol

FastEthernet0/0 unassigned YES manual administratively down down

Serial0/0/0 148.43.200.18 YES manual up up

Serial0/0/1 148.43.200.21 YES manual up up

The router will not place a route in the routing table until the path to that network is ‘up up’.


Show Interface

Router5#show int S0/0/0
Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 148.43.200.13/30
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set, keepalive set (10 sec)
Last input 00:00:06, output 00:00:01, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
13328 packets input, 843133 bytes, 0 no buffer
Received 7178 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
7182 packets output, 424894 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up

Encapsulation

Encapsulation: The technique used by layered protocols in which a layer adds additional header information to the Protocol Data Unit (PDU).

HDLC: High Level Data Link Control
- Cisco proprietary version of HDLC

PPP: Point to Point Protocol


Show IP Route

Router5#sho ip rout
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR

Gateway of last resort is not set

148.43.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 148.43.200.22/32 is directly connected, Serial0/0/1
C 148.43.200.20/30 is directly connected, Serial0/0/1
C 148.43.200.17/32 is directly connected, Serial0/0/0
C 148.43.200.16/30 is directly connected, Serial0/0/0

Why are these /32 routes here? Whose addresses are they? Are they needed?

PPP Encapsulation Peering

(Diagram: network 148.43.200.20/30 with .21 and .22 at its two ends, and network 148.43.200.16/30 with .17 and .18 at its two ends.)

PPP shares network address info with directly connected neighbors, and adds the address of the neighbor’s interface into the routing table. This is very useful in some cases, but with numbered serial interfaces, it only serves to add latency to the network due to increased route look-up times. This can be solved in manual configuration, using the no peer neighbor-route command on the interfaces.


Modify the Serial Configuration

router1#config t
Enter configuration commands, one per line. End with CNTL/Z.
router1(config)#int S0/0/0
router1(config-if)#no peer neighbor-route
router1(config-if)#shutdown
!
!
router1(config-if)#no shut
!
!
router1(config)#int S0/0/1
router1(config-if)#no peer neighbor-route
router1(config-if)#shutdown
!
!
router1(config-if)#no shut
router1(config-if)#^Z
router1#

Repeat the shut / no shut for all serial interfaces.

Show IP Route

Router5#sho ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR

Gateway of last resort is not set

148.43.0.0/16 is variably subnetted, 2 subnets, 1 mask
C 148.43.200.20/30 is directly connected, Serial0/0/1
C 148.43.200.16/30 is directly connected, Serial0/0/0

NOTICE: At no time did you type a network address when you configured the interfaces. The router calculated the network address to put in the routing table, based on your choice of interface IP address and mask.


Which Routers Are Reachable?

• Ping the interface of a connected neighbor

• Ping an interface of a router not directly connected to yours

• Trace route to an interface on a router not directly connected.

Routers consult their routing tables in order to route packets to the destination network. If the destination is not listed in the routing table, the network is unreachable. One option to get these networks listed in the routing table is to set up static routes.

Static Route Lab Serial Port Diagram

(Diagram: Routers 1 through 7 connected by point-to-point serial links on interfaces S0/0/0 and S0/0/1; Router 3 S0/0/0 is 148.43.200.25. The /30 serial networks, their broadcast addresses and the interface addresses in each are:)

NETWORK 148.43.200.4     BROADCAST 148.43.200.7     (.5 and .6)
NETWORK 148.43.200.8     BROADCAST 148.43.200.11    (.9 and .10)
NETWORK 148.43.200.12    BROADCAST 148.43.200.15    (.13 and .14)
NETWORK 148.43.200.16    BROADCAST 148.43.200.19    (.17 and .18)
NETWORK 148.43.200.20    BROADCAST 148.43.200.23    (.21 and .22)
NETWORK 148.43.200.24    BROADCAST 148.43.200.27    (.25 and .26)


Static Route Lab Serial Port Diagram (8 Router Alternate Configuration)

(Diagram: the same seven-router topology with Router 8 added on a further serial link; Router 3 S0/0/0 is 148.43.200.25. The /30 serial networks, their broadcast addresses and the interface addresses in each are:)

NETWORK 148.43.200.4     BROADCAST 148.43.200.7     (.5 and .6)
NETWORK 148.43.200.8     BROADCAST 148.43.200.11    (.9 and .10)
NETWORK 148.43.200.12    BROADCAST 148.43.200.15    (.13 and .14)
NETWORK 148.43.200.16    BROADCAST 148.43.200.19    (.17 and .18)
NETWORK 148.43.200.20    BROADCAST 148.43.200.23    (.21 and .22)
NETWORK 148.43.200.24    BROADCAST 148.43.200.27    (.25 and .26)
NETWORK 148.43.200.36    BROADCAST 148.43.200.39    (.37 and .38)

Static Routes

• The administrator must configure the router with all networks not directly connected to it.

• A static route specifies the interface the router must use to reach a network.

• Every router within the topology must be configured with all networks not directly connected to it.

• Every router must have its configuration updated when there is a change in the topology (network added/deleted).

• Static route configuration forces an entry into the routing table.


Router(config)# ip route network mask [address|interface] [distance] [permanent]

network    Destination network for the static route
mask       Prefix mask for the destination network
address    IP address of the next hop that can be used to reach that network
interface  Interface number on the router to exit to reach the destination network
distance   (Optional) Administrative distance for the static route
permanent  (Optional) Specifies that the route will not be removed, even if the interface goes down

Static Route Configuration (1)

Every router within the topology must be configured with all networks not directly connected to it.

USE THE SERIAL INTERFACE NETWORK DIAGRAM TO DETERMINE ALL STATIC ROUTES

NETWORK          SUBNET MASK          SERIAL INTERFACE

Static Route Configuration (2)


Configure Static Routes

router5>enable
Password:
router5#config t
Enter configuration commands, one per line. End with CNTL/Z.
router5(config)#ip route 148.43.200.16 255.255.255.252 s0/0/0
router5(config)#exit
01:06:01: %SYS-5-CONFIG_I: Configured from console by console

Note: Routers route to networks. IP addresses specified in static route configuration should be the actual network address, not a host address.

Confirm Static Routes

Confirm the static route entries at the bottom of the show run screen:

show run
ip route 148.43.200.12 255.255.255.252 Serial0/0/1
ip route 148.43.200.16 255.255.255.252 Serial0/0/1
ip route 148.43.200.20 255.255.255.252 Serial0/0/1
ip route 148.43.200.24 255.255.255.252 Serial0/0/0

Confirm the static routes appear in the routing table (code S; a static route pointed at an exit interface is listed as "directly connected" on that interface):

show ip route
Gateway of last resort is not set

     148.43.0.0/16 is variably subnetted, 8 subnets, 2 masks
S       148.43.200.20/30 is directly connected, Serial0/0/1
S       148.43.200.16/30 is directly connected, Serial0/0/1
S       148.43.200.24/30 is directly connected, Serial0/0/0
C       148.43.200.6/32 is directly connected, Serial0/0/0
C       148.43.200.4/30 is directly connected, Serial0/0/0
S       148.43.200.12/30 is directly connected, Serial0/0/1
C       148.43.200.10/32 is directly connected, Serial0/0/1
C       148.43.200.8/30 is directly connected, Serial0/0/1
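The following Python script is an added example, not part of the course or the lab handout: it generates the ip route lines router 5 needs for every lab network that is not directly connected, rejects a host address as the note above warns, and parses the show ip route output above to confirm that no lab network is missing. The lab networks, router 5's connected networks and its exit interfaces are the ones on the diagram and in the show run above.

```python
"""Added example for the Static Route Lab; it is not part of the course.

It automates two things the lab has the student do by hand: list the
`ip route` lines a router needs (one per lab network that is not directly
connected, pointing at the exit interface) and confirm, from `show ip route`
output, that every lab network is present. Lab networks come from the
serial port diagram; router 5's connected networks, exit interfaces and
routing-table output are the ones shown on the page.
"""
import ipaddress
import re

# The six /30 point-to-point networks on the lab diagram.
LAB_NETWORKS = [
    "148.43.200.4/30", "148.43.200.8/30", "148.43.200.12/30",
    "148.43.200.16/30", "148.43.200.20/30", "148.43.200.24/30",
]

# Router 5: its connected networks and, for the rest, the exit interface
# used in its show run.
ROUTER5_CONNECTED = {"148.43.200.4/30": "Serial0/0/0",
                     "148.43.200.8/30": "Serial0/0/1"}
ROUTER5_EXIT = {"148.43.200.12/30": "Serial0/0/1",
                "148.43.200.16/30": "Serial0/0/1",
                "148.43.200.20/30": "Serial0/0/1",
                "148.43.200.24/30": "Serial0/0/0"}

# Router 5's `show ip route` output as printed on the page.
ROUTER5_SHOW_IP_ROUTE = """\
Gateway of last resort is not set

     148.43.0.0/16 is variably subnetted, 8 subnets, 2 masks
S       148.43.200.20/30 is directly connected, Serial0/0/1
S       148.43.200.16/30 is directly connected, Serial0/0/1
S       148.43.200.24/30 is directly connected, Serial0/0/0
C       148.43.200.6/32 is directly connected, Serial0/0/0
C       148.43.200.4/30 is directly connected, Serial0/0/0
S       148.43.200.12/30 is directly connected, Serial0/0/1
C       148.43.200.10/32 is directly connected, Serial0/0/1
C       148.43.200.8/30 is directly connected, Serial0/0/1
"""


def network_address(address, mask):
    """Return the network for address/mask, refusing a host address.

    `ip route` must name the network, not a host on it: 148.43.200.14 with
    mask 255.255.255.252 is rejected and the correct network is named.
    """
    try:
        return ipaddress.ip_network(f"{address}/{mask}", strict=True)
    except ValueError:
        net = ipaddress.ip_network(f"{address}/{mask}", strict=False)
        raise ValueError(f"{address} is a host address; use network "
                         f"{net.network_address} {net.netmask}") from None


def static_routes_needed(connected, exit_map, lab_networks=LAB_NETWORKS):
    """One `ip route network mask interface` line per lab network that is
    not directly connected (connected networks already have a C entry)."""
    lines = []
    for cidr in lab_networks:
        if cidr in connected:
            continue
        net = ipaddress.ip_network(cidr)
        lines.append(f"ip route {net.network_address} {net.netmask} "
                     f"{exit_map[cidr]}")
    return lines


# Matches the connected (C) and interface-pointed static (S) entries that
# `show ip route` prints in this lab; next-hop ("via") entries are not
# handled here.
ROUTE_LINE = re.compile(
    r"^(?P<code>[A-Z*]{1,2})\s+(?P<prefix>\d+(?:\.\d+){3}/\d+)\s+"
    r"is directly connected,\s+(?P<iface>\S+)$")


def parse_show_ip_route(output):
    """Map each prefix in the output to its (route code, interface)."""
    table = {}
    for line in output.splitlines():
        m = ROUTE_LINE.match(line.strip())
        if m:
            table[m["prefix"]] = (m["code"], m["iface"])
    return table


def missing_routes(table, lab_networks=LAB_NETWORKS):
    """Lab networks with neither a C nor an S entry in the routing table."""
    return [cidr for cidr in lab_networks if cidr not in table]


if __name__ == "__main__":
    for line in static_routes_needed(ROUTER5_CONNECTED, ROUTER5_EXIT):
        print(line)
    table = parse_show_ip_route(ROUTER5_SHOW_IP_ROUTE)
    print("missing:", missing_routes(table) or "none")
```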


Confirmation Commands

• Control "Z"
• copy run start
• sho ip interface brief
• sho ip route
• Ping all routers on network
• Traceroute to a network not directly connected

Telnet / Trace

router5#telnet 148.43.200.14
Trying 148.43.200.14 ... Open

User Access Verification

Password:
router4> exit

router5#trace 148.43.200.14
-- 'Ctrl-Shift-6' to stop


Unnumbered Operations

1. Serial interfaces can be configured without using individual IP addresses. In order to perform unnumbered operations, a loopback interface must be created.

2. A loopback interface is a virtual interface on a Cisco router which is treated as a physical (real) port, but has no external connection. An IP address is assigned as if it were a physical interface.

3. In order to use unnumbered operations, serial interfaces must be referenced to a loopback interface.

Benefits of Unnumbered Operations

1. Serial ports are referenced to the loopback interface, which saves IP addresses. Several interfaces can use the same IP.

2. The loopback interface address becomes the router’s designated IP, which supports ping, telnet, and trace route.

3. When used with the IP unnumbered command, serial ports can be moved to other paths without reprogramming.


Configuring a Loopback Interface

router(config)#interface loopback0
Establishes the loopback interface 0.

router(config-if)#ip address 148.43.200.x 255.255.255.255
Gives the interface an address. Note the explicit mask, 255.255.255.255, or /32, which defines the loopback address as a network with one IP address only.

Configure Unnumbered Interfaces

router(config)#interface s0/0/0
Selects the interface you want to configure.

router(config-if)#ip unnumbered loopback0
References the interface to the loopback address.

This technique is used for serial interfaces, not fastethernet interfaces.


Loopback Interface Example

Configuring a Loopback Address

Password:
router1>en
Password:
router1#config t
Enter configuration commands, one per line. End with CNTL/Z.
router1(config)#int loopback0
router1(config-if)#ip address 148.43.200.1 255.255.255.255
router1(config-if)#^Z

Use these two examples to configure unnumbered operations on your serial interfaces when the lab exercise continues.


Unnumbered Serial Interfaces

Configuring a Serial Interface (unnumbered)

Password:
router1>en
Password:
router1#config t
Enter configuration commands, one per line. End with CNTL/Z.
router1(config)#int s0/0/0
router1(config-if)#ip unnumbered loopback0
router1(config-if)#bandwidth 512
router1(config-if)#encap ppp
router1(config-if)#no shut
router1(config-if)#^Z

(Notice that PPP neighbor peering must be allowed in unnumbered operations.)

Hosts and the Default Gateway

[Figure: router interface f0/0 163.1.15.254/23 with hosts attached.]

router1(config)#int f0/0
router1(config-if)#ip address 163.1.15.254 255.255.254.0

The host IP address given to the fastethernet interface establishes the local area network on the router. Hosts can be connected to the network, using other host addresses for their IPs, and specifying the router’s interface as the default gateway.


LANs and Host Addresses

Configuring an Ethernet/Fast Ethernet Interface

Password:
router1>en
Password:
router1#config t
Enter configuration commands, one per line. End with CNTL/Z.
router1(config)#int f0/0
router1(config-if)#ip address 148.43.200.1 255.255.255.0
router1(config-if)#no shut
router1(config-if)#^Z
router1#

Go to Network Connections \ Local Area Connection properties \ TCP/IP Properties on the laptop to configure a host IP address.


Unnumbered Operations and Establishing LANs

1. Erase start. Wait for the erase of NVRAM to be complete. Reboot the router. Rebuild the network.

2. Implement unnumbered operations in the network.

3. Configure Local Area Networks (LANs):
   a. Fastethernet interfaces
   b. Host laptop IP addresses

4. Set up new static routes as needed.

Static Lab Instructions (Part 2):

1. Follow the guidance provided by the instructor to establish loopback interfaces and configure unnumbered operations on serial interfaces. Reconfigure the routers for IP unnumbered operations. Perform Step 2 at this time.

2. Establish your LAN by configuring a router fastethernet interface, and putting an appropriate IP address on your laptop.

3. Set up static routes to the new networks.


Static Route Lab 7 Router Configuration

[Figure: routers 1 to 7, each with a loopback interface (loopback addresses 148.43.200.1/32 through 148.43.200.7/32) and a LAN on f0/0 taken from the /28 subnets 148.43.200.49/28, .65/28, .81/28, .97/28, .113/28, .129/28 and .145/28; the serial links use S0/0/0 and S0/0/1 (one router uses S0/2/1).]

Static Route Lab 8 Router Configuration

[Figure: as above with Router 8 added: loopback addresses 148.43.200.1/32 through 148.43.200.8/32 and f0/0 LANs 148.43.200.49/28, .65/28, .81/28, .97/28, .113/28, .129/28, .145/28 and .161/28.]


New Networks

• Static Routes
  – Must know the new network exists.
  – Must have the IP address (network & mask).
  – Point your router towards the new networks. Include the loopback addresses and host LANs.

• Sho ip interface brief
• Sho ip route
• Ping the network – loopback interfaces and laptop IP addresses
• Once the network is operational, "copy run start."

Show and Ping Commands


Review

• Serial Connections
• DCE and DTE
• Static Routes
• Unnumbered serial interfaces
• LANs and host addressing
• New Networks
• Limitations


Introduction to Routing Static Route

Review Questions


1. Routing is ____________
   a. a protocol designed to move packets
   b. process of determining the best path
   c. moving packets from one interface to another
   d. classless in nature

2. Switching is ________________
   a. a protocol designed to move packets
   b. process of determining the best path
   c. moving packets from one interface to another
   d. trading sides in the middle of the game

3. The phrase “route few, switch many” means?
   a. switching is better to use than routing
   b. the majority of the packets only move across the LAN
   c. routing table is not consulted for every packet
   d. most packets only are processed by layer 2 switches

4. Routers route to _________.
   a. networks
   b. hosts
   c. infinity
   d. hubs

5. The command to enter a static route is ________
   a. ip static route
   b. ip route
   c. ip router
   d. ip address

6. The initial configuration dialog is also referred to as the _______
   a. auto configuration
   b. command line interface
   c. setup mode
   d. startup config

7. When a packet moves across a routed network, _____
   a. it is always delivered to the host via IP
   b. examined at the transport layer by each device to determine if it is UDP or TCP
   c. first routed to a DNS server for name resolution
   d. layer 1 and 2 are altered at each device and layer 3 is examined

8. The two most important pieces of information contained in a routing table are:
   a. distance and metrics
   b. gateway of last resort
   c. destination network and exit interface
   d. route information codes


9. The administrative distance for BGP is _______
   a. 140
   b. 20
   c. 0
   d. BGP does not use distance

10. “The packet is always routed to the routing table entry with the most explicit mask” is called the:
   a. routing algorithm
   b. longest match rule
   c. IGP metrics
   d. route map rule

11. What two variables are used to determine which candidates are selected for the routing table?
   a. match and set
   b. distance and weight
   c. distance and metrics
   d. code and gateway

12. What variables are used to determine routing metrics?
   a. load, reliability, path, MTU
   b. MTU, bandwidth, delay, reliability, load
   c. bandwidth, delay, codes, load, reliability
   d. clock rate, encapsulation, IGP, EGP, BGP, PPP

13. Where on the router can the variables determining metric be viewed?
   a. interface
   b. routing table
   c. routing protocol database
   d. NVRAM

14. When candidates are offered to the routing table, metrics are only considered when ___________
   a. there are multiple candidates
   b. when candidates have the same distance
   c. using distance vector protocols
   d. they are always used

15. Classful routing:
   a. does not send the network mask in the update
   b. does send the network mask in the update
   c. always uses a hop count
   d. is a better way to route

16. Classless routing:
   a. does not send the network mask in the update
   b. does send the network mask in the update
   c. always uses a hop count
   d. is a better way to route


17. Distance vector routing protocols:
   a. learn information from their neighbors’ perspective
   b. do not calculate a metric
   c. are always classful in nature
   d. mainly consist of the RIP routing protocol

18. Link state routing protocols:
   a. pass very detailed routing updates which allow each router to “draw” a complete network picture
   b. use only hop count to determine their metric
   c. are very susceptible to routing loops because of their comprehensive database
   d. are very rarely used in routed networks today

19. Hybrid routing:
   a. is primarily used in all routed networks today
   b. refers to EIGRP, which is essentially distance vector
   c. cannot be used in military networks
   d. is very CPU intensive and cannot be operated on small routers

20. Static routing is essentially:
   a. dynamic routing without the bells and whistles
   b. manually installing routes into the routing table
   c. limited to routers that use Bellman-Ford protocols
   d. all of the above
   e. b & c

21. The purpose of the setup mode:
   a. is to replace the current configuration in NVRAM
   b. to be used for initial deployment of the router
   c. for non Cisco certified personnel
   d. to configure the router with a minimum configuration to support IP traffic

22. What command is used to verify if a serial interface is operating as a DTE/DCE?
   a. show controllers
   b. show DTE/DCE
   c. show interface
   d. show version

23. In the routing table, what does an entry such as “[110/455]” indicate?
   a. metric/distance
   b. load/bandwidth
   c. distance/metric
   d. bandwidth/load


24. Administrative distance is ________
   a. a manually set parameter
   b. trustworthiness of routing information source
   c. based on the calculated metric
   d. always higher than 0

25. The default administrative distance for OSPF is _______
   a. 120
   b. 110
   c. 90
   d. 20

26. A static route can be pointed to ___________
   a. an interface only
   b. another static route
   c. an interface or next hop address
   d. anything except a classful network

27. The command to assign an IP to an interface is __________
   a. ip address address mask
   b. ip address mask
   c. ip address network mask
   d. address ip mask

28. Static routes update automatically once installed.
   a. true
   b. false
   c. depends

29. Static routes should only be used once the routing protocol fails.
   a. true
   b. false
   c. depends

30. RIP is a classful protocol:
   a. true
   b. false

31. RIP supports VLSM?
   a. true
   b. false

32. From the host laptop’s perspective, which IP is the ‘default gateway’?
   a. the network address of the local area network.
   b. the address assigned to the router fastethernet interface.
   c. the loopback interface address of the router.
   d. 0.0.0.0


Open Shortest Path First (OSPF) Operation In A Single Area


Routing Protocols

• RIP - Routing Information Protocol, distance vector type, open.

• IGRP - Interior Gateway Routing Protocol, distance vector, Cisco Proprietary.

• OSPF - Open Shortest Path First, link state type, open.

• EIGRP - Enhanced IGRP, balanced hybrid type, Cisco Proprietary.

• BGP - Border Gateway Protocol, inter-autonomous system, open.


OSPF History

[Figure: OSPF history timeline, 1987 to 1998, in order: OSPF workgroup formed; OSPF V1 spec defined; interoperability testing; OSPF V2 spec defined; OSPF added to GateD; MOSPF added to GateD; CIDR adopted; authentication and point-to-multipoint added; OSPF V2 updated twice, most recently in 1998.]

The IETF (Internet Engineering Task Force) was looking for a fast, scalable, efficient interior routing protocol that would replace RIP1. In 1987, work was begun on OSPF, and in 1989, OSPF v1 was finalized as RFC 1131. OSPF v2 was defined in 1991, and the latest enhancements released in 1998. OSPF v2 is the standard that is addressed in this section. This standard is defined in RFC 2328. OSPF is a work in progress; features will be added and modified on an as-needed basis.


OSPF Features

OSPF was developed to overcome RIP’s limitations.

• Open, non-proprietary
• Has no hop count limitation, uses link bandwidth
• Supports VLSM
• Uses multicast addressing for updates
  - 224.0.0.5 (All OSPF Routers); 224.0.0.6 (DR only)
• Has fast convergence
• Allows for routing authentication
• Supports hierarchical routing

OSPF is in the public domain, not owned by any entity, and can be used by anyone.

Unlike RIP, which has a 15-hop count limitation (if a destination is more than 15 routers away it is deemed unreachable), OSPF has no hop count limitation. OSPF uses metrics, or cost, assigned to individual links to determine the best path.

OSPF supports Variable Length Subnet Masking for efficient IP address allocation.

OSPF uses IP multicasting to send link-state updates. This means less processing on routers that are not listening for OSPF packets. In addition, updates are only sent when routing changes occur, instead of periodically.

OSPF has fast convergence in that it sends out routing changes immediately and not just periodically.

OSPF allows routing authentication by using password authentication (plain-text or MD5 keyed-hash), which prevents fraudulent sources from corrupting the routing tables.

OSPF allows for logical definition of networks where routers can be divided into areas. This reduces the propagation of outage information during adverse conditions.


OSPF Hierarchical Routing

• Consists of areas within an autonomous system
• Minimizes routing update traffic

[Figure: an Autonomous System containing Area 0 (the backbone) with Area 1 and Area 2 attached to it.]

There are two primary elements in the OSPF hierarchy:

1. Area – An area is a grouping of contiguous OSPF networks and hosts. OSPF areas are logical subdivisions of OSPF autonomous systems. The topology of each area is invisible to entities in other areas, and each area maintains its own topological database.

2. Autonomous System – OSPF autonomous systems are the largest entity within an OSPF internetwork. They consist of a collection of networks that are under a common administration and share a common routing strategy. An autonomous system, sometimes called a domain, is logically subdivided into multiple areas.

The hierarchical topology of OSPF has several important benefits. Because the topology of an area is hidden from the rest of the autonomous system, routing update traffic can be reduced through route summarization, and the topological databases and SPF trees remain manageable and more efficient. Summarization in an OSPF network allows certain routers to group or aggregate smaller networks into larger logical networks when sending out LSAs. For example, the 148.43.200.0, 148.43.200.64, 148.43.200.128, and 148.43.200.192 networks (all with /26 masks) could be summarized in an advertisement as the single 148.43.200.0/24 network.


It is like telling your friend that you have a dollar, rather than telling him that you have a quarter and a quarter and a quarter and a quarter. Within each autonomous system, a central area must be defined as area 0. All other areas are connected off the central or backbone area. Area 0 is also called the transition area because all other areas communicate through it. The OSPF backbone also distributes routing information between OSPF areas. The OSPF backbone has all the properties of a normal OSPF area. Backbone routers maintain OSPF routing information using the same procedures and algorithms as internal routers. The backbone topology is invisible to routers in other areas, while the topologies of individual areas are invisible to backbone routers.


OSPF Network Types

[Figure: OSPF network types: NBMA (ATM, Frame Relay), Broadcast Multi-access, Point-to-Point, Point-to-Multipoint.]

There are four network types defined for the OSPF routing protocol.

1. Point-to-Point: Normally found on serial connections. Neighbor relationships are formed only with the other router on the point-to-point link. Both routers can independently communicate with all other OSPF routers.

2. Broadcast Multi-Access: Normally found on LAN connections. There is a potential for many neighbor relationships since several routers can be on the same segment. Through an election process, a Designated Router (DR) for the network is selected. The DR communicates with all other routers regarding the LAN network.

3. NonBroadcast Multi-Access (NBMA): Routers set up in a hub-and-spoke topology using non-broadcast media such as Frame Relay, X.25, and ATM. Special care must be taken when configuring this network type. Neighbor relationships may have to be manually configured.

4. Point-to-Multipoint: Defined as a numbered point-to-point interface having more than one neighbor. This occurs when there are sub-interfaces on one end of the point-to-point network.


Types of OSPF Routers

[Figure: Area 0 (Backbone) connected through ABRs to Area 1 and Area 2, each containing Internal routers; an ASBR on the backbone connects to an External AS.]

OSPF routers can be categorized as one or more of the following types:

Backbone Router: Has an interface to the backbone (area 0).

Area Border Router (ABR): Attaches to multiple areas, maintains a separate topological database for each area to which it is connected, and routes traffic destined for or arriving from other areas.

Internal Router: Has all directly connected networks belonging to the same area. It runs a single copy of the routing algorithm.

Autonomous System Boundary Router (ASBR): Exchanges routing information with routers belonging to other autonomous systems.


OSPF Fundamentals

When OSPF is enabled, an OSPF router makes two fundamental decisions about how it will communicate with other OSPF network routers:

1. Which interfaces will begin transmitting hello packets to discover neighbors? ("Who do I talk to?")

2. How will it identify itself to those prospective neighbors? ("Who am I?")

Which Interfaces To Use?

The person enabling OSPF configures one or more network statements to identify the interfaces which will begin sending out hello packets.

RouterX(config)# router ospf 100
RouterX(config-router)# network 148.43.200.0 0.0.0.255 area 0
RouterX(config-router)# network 148.43.201.0 0.0.0.255 area 0
RouterX(config-router)# network 150.150.101.254 0.0.0.0 area 0
RouterX(config-router)# network 150.150.100.0 0.0.0.255 area 0

The network statements define ranges of IP addresses (the second value is a wildcard mask: a 0 bit must match the address, a 1 bit is ignored). If an interface's address falls within that range, OSPF will discover the connected network, and that interface will send out hello packets.

[Figure: RouterX interfaces: 150.150.100.1/24, int loopback0 150.150.101.254/32, 148.43.200.65/26, 148.43.200.1/26, 148.43.200.129/25 and 148.43.201.1/24.]


Selecting the Router ID

After interfaces are selected and connected networks are identified, OSPF decides which address to use as a Router ID.

The Router ID will be used to identify all routing information coming from this router to the other OSPF routers. If a loopback interface has been configured, the router will select that address as the ID by default. If no loopback address has been defined, the router will use the highest numbered active physical interface address.

[Figure: RouterX sends "Hello!" out of each OSPF-enabled interface (150.150.100.1/24, 148.43.200.65/26, 148.43.200.1/26, 148.43.200.129/25, 148.43.201.1/24), announcing "Hello everybody! I'm Router ID 150.150.101.254!", the address of int loopback0 150.150.101.254/32.]
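The following Python script is an added example (not from the course) that applies the RouterX network statements above to its interface addresses using wildcard-mask matching, then picks the Router ID by the rule just described. The interface names and the up/down flags are assumed; the figure gives only the addresses.

```python
"""Added example (not from the course): how the `network` statements on the
RouterX slide select interfaces by wildcard mask, and how the Router ID is
then chosen (loopback first, else the highest active physical address).

RouterX's addresses are the ones in the figure; the interface names and the
up/down flags are assumed, since the figure shows only addresses.
"""
import ipaddress

# (interface name, address/prefix, is_loopback, is_up) for RouterX.
ROUTERX_INTERFACES = [
    ("FastEthernet0/0", "150.150.100.1/24",   False, True),
    ("Loopback0",       "150.150.101.254/32", True,  True),
    ("Serial0/0/0",     "148.43.200.65/26",   False, True),
    ("Serial0/0/1",     "148.43.200.1/26",    False, True),
    ("Serial0/1/0",     "148.43.200.129/25",  False, True),
    ("FastEthernet0/1", "148.43.201.1/24",    False, True),
]

# `network <address> <wildcard> area <n>` lines from the RouterX slide.
ROUTERX_NETWORK_STATEMENTS = [
    ("148.43.200.0",    "0.0.0.255", 0),
    ("148.43.201.0",    "0.0.0.255", 0),
    ("150.150.101.254", "0.0.0.0",   0),
    ("150.150.100.0",   "0.0.0.255", 0),
]


def wildcard_match(address, network, wildcard):
    """True if address falls in the range a network statement describes.

    A wildcard bit of 0 means that bit must match, 1 means ignore it, so
    0.0.0.0 matches one exact address and 0.0.0.255 a whole /24.
    """
    a = int(ipaddress.IPv4Address(address))
    n = int(ipaddress.IPv4Address(network))
    w = int(ipaddress.IPv4Address(wildcard))
    return (a ^ n) & ~w == 0


def ospf_enabled_interfaces(interfaces, statements):
    """Map each up interface whose address matches a statement to its area.

    Statements are tried in the order configured; the first match wins.
    A down interface sends no hellos, so it is left out.
    """
    enabled = {}
    for name, cidr, _lb, up in interfaces:
        if not up:
            continue
        addr = cidr.split("/")[0]
        for network, wildcard, area in statements:
            if wildcard_match(addr, network, wildcard):
                enabled[name] = area
                break
    return enabled


def select_router_id(interfaces):
    """Router ID as the page describes it: a loopback address if one is
    configured (the highest if several), otherwise the highest address on
    an active physical interface."""
    loopbacks = [ipaddress.IPv4Address(cidr.split("/")[0])
                 for _n, cidr, lb, _up in interfaces if lb]
    if loopbacks:
        return str(max(loopbacks))
    physical = [ipaddress.IPv4Address(cidr.split("/")[0])
                for _n, cidr, lb, up in interfaces if not lb and up]
    if not physical:
        raise ValueError("no active IP interface: OSPF has no Router ID")
    return str(max(physical))


if __name__ == "__main__":
    print(ospf_enabled_interfaces(ROUTERX_INTERFACES,
                                  ROUTERX_NETWORK_STATEMENTS))
    print("Router ID:", select_router_id(ROUTERX_INTERFACES))
```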


Router IDs

• Routing Protocols communicate with other routers using router IDs. It is the name of the routing protocol database.

• Most protocols use the highest IP address on an active interface as their router ID.

• If a loopback interface is present, routing protocols default to it for their router ID.

• A loopback interface is always active which makes the routing protocol more stable.

The Router ID is used by routing protocols in establishing neighbors, the election of designated routers, and the exchanging of database information. Its selection and use is internal to the router and requires no operator intervention. Once a loopback address is established, routing protocols default to it for their router ID. If more than one loopback address exists, then both protocols revert to their respective highest and lowest IP rule in choosing the appropriate loopback address for a router ID.


OSPF Databases

[Figure: the three OSPF databases. Adjacencies Database (lists neighbors), built from hello packets; Topology Database (lists all routes), built from LSAs; Routing Table (lists best routes), calculated by the router from the topology database using SPF.]

OSPF creates three types of databases as shown above. The adjacencies database determines whom the router will exchange routing updates with or who its neighbor will be. It is formed during link initialization by hello packets. The topology database lists all known routes and is made up of routing updates known as Link State Advertisements (LSAs) received from neighbor OSPF routers. The LSAs are identified by the Router ID of the advertising router and by the network being advertised. The routing table lists the preferred or best routes and is formed by the Shortest Path First algorithm being applied to the topology database.


Discovering Neighbors

Fields carried in an OSPF hello packet (* = entry must match on neighboring routers):

• Router ID
• Hello/Dead Intervals *
• Neighbors
• Area-ID *
• Router Priority
• DR IP Address
• BDR IP Address
• Authentication Password *
• Stub Area Flag *

Routers that share a common segment become neighbors on that segment using the Hello Protocol. Hello packets are sent periodically out of each interface using IP multicast addresses. The Hello protocol serves the primary purposes of neighbor discovery, DR and BDR election, and link integrity verification. Two routers will become neighbors only if they agree on the following:

• They must have the same area-id and be on the same subnet/mask.

• They must both use the same type of authentication and password (if any).

• The hello and dead intervals must be the same. Hello is 10 seconds by default and dead is 4 times the hello by default; the interface hello and dead intervals (timers) can be changed under the interface configuration using the “ip ospf” command.

• They must agree on the stub area flag, a bit in the hello packet that indicates whether the interface is in a stub area.


[Figure: Establishing Adjacencies (1). Router ID 148.43.200.1 and Router ID 148.43.200.2 exchange hellos and move through the Down, Init and Two-Way states. "Hello, I am router ID 148.43.200.1": Router 2 enters 148.43.200.1 into its neighbor database. "Hello, I am router ID 148.43.200.2; 148.43.200.1 is my neighbor": Router 1 enters 148.43.200.2 into its neighbor database.]

* OSPF must be enabled on the interface using the network command to start the neighboring process.

Establishing Adjacencies (1)

Router 1 is enabled on the network and is in a down state because it has not exchanged information with any other router. It begins sending hello packets on interfaces running OSPF even though it does not know the identity of any other routers. The packets are sent via multicast using address 224.0.0.5. All directly connected routers receive hello packets from router 1 and add it to their list of neighbors. This is called the init state. The routers then send a unicast reply hello packet to router 1 with their corresponding information. The neighbor field in the hello packet lists all other neighboring routers. When router 1 receives the hello packets, it adds all the routers that had its router ID in their hello packet to its own database. This state is referred to as the two-way state. At this point, all routers that have each other in their adjacencies database have established bidirectional communications.
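The neighbor-formation rules (same subnet, area-id, timers, authentication and stub flag) and the Down, Init and Two-Way progression described above, as an added Python example that is not part of the course material. The `Hello` record, the `auth_type` labels and the sample router IDs 148.43.200.1 and 148.43.200.2 are constructed for the example; a mismatch in any starred field means the hello is simply discarded, which is also why an authentication or timer mismatch shows up as a neighbor that never leaves the down state.

```python
from dataclasses import dataclass
from ipaddress import IPv4Interface
from typing import List, Optional, Tuple


@dataclass
class Hello:
    """Hello-packet fields that decide whether two routers become neighbors.
    Constructed for this example; 'none'/'simple'/'md5' are labels, not IOS keywords."""
    router_id: str
    address: str                       # sending interface address with prefix length
    area_id: int
    hello_interval: int = 10           # 10 s default
    dead_interval: int = 40            # 4 x hello by default
    auth_type: str = "none"
    auth_key: Optional[str] = None
    stub_flag: bool = False
    neighbors: Tuple[str, ...] = ()    # router IDs the sender has already heard from


def neighbor_mismatches(local: Hello, remote: Hello) -> List[str]:
    """Reasons the local router must ignore remote's hello; an empty list means they can be neighbors."""
    reasons = []
    if IPv4Interface(local.address).network != IPv4Interface(remote.address).network:
        reasons.append("subnet/mask")
    if local.area_id != remote.area_id:
        reasons.append("area-id")
    if (local.hello_interval, local.dead_interval) != (remote.hello_interval, remote.dead_interval):
        reasons.append("hello/dead intervals")
    if local.auth_type != remote.auth_type or local.auth_key != remote.auth_key:
        reasons.append("authentication")
    if local.stub_flag != remote.stub_flag:
        reasons.append("stub area flag")
    return reasons


def state_after_hello(local: Hello, remote: Hello) -> str:
    """Neighbor state the local router records for remote after receiving one hello."""
    if neighbor_mismatches(local, remote):
        return "DOWN"   # parameters disagree: the hello is discarded, no neighbor entry is made
    if local.router_id in remote.neighbors:
        return "2WAY"   # remote already lists our router ID: bidirectional communication
    return "INIT"       # first hello seen from remote; it has not listed us yet


if __name__ == "__main__":
    r1 = Hello("148.43.200.1", "148.43.200.17/30", area_id=0)
    r2 = Hello("148.43.200.2", "148.43.200.18/30", area_id=0)
    print(state_after_hello(r1, r2))                     # INIT
    r2_reply = Hello("148.43.200.2", "148.43.200.18/30", 0, neighbors=("148.43.200.1",))
    print(state_after_hello(r1, r2_reply))               # 2WAY
    bad = Hello("148.43.200.2", "148.43.200.18/30", 0, hello_interval=30, dead_interval=120,
                auth_type="md5", auth_key="example-key")
    print(neighbor_mismatches(r1, bad))                  # ['hello/dead intervals', 'authentication']
```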


[Figure: Establishing Adjacencies (2). Router ID 148.43.200.1: "I will start exchange because I have router ID 148.43.200.1." Router ID 148.43.200.2: "No, I will start exchange because I have a higher router ID (148.43.200.2)." (Exstart State). The two routers then send each other a summary of their link-state databases (Exchange State).]

Establishing Adjacencies (2)

After the routers have formed an adjacency, the routers are considered to be in an exstart state. In this state, a master-slave relationship is formed between each set of neighbors. The router with the highest router ID acts as the master during the exchange process. The master and slave routers then enter the exchange state and send each other a summary of the information within their link state database. The routers use this summarized information to determine which complete route entries they require from their neighbors. The router uses the sequence number to determine if the neighbor has newer information.


[Figure: Establishing Adjacencies (3). Router ID 148.43.200.1 and Router ID 148.43.200.2: acknowledge receipt of database summary; request complete information for summary entries not in own database (Loading State); respond with requested information; acknowledge receipt of requested information (Full State).]

Establishing Adjacencies (3)

The neighbors then acknowledge receipt of the summarized database information. Once the router determines what information it requires, it requests that information from its neighbor. The process of requesting this information is called the loading state. The neighbor then responds with the complete information requested and the receiving router acknowledges it. Once the loading process is complete and all requested information has been received between two neighbors, the neighbors’ databases are now synchronized and considered to be in the full state. At this point, the neighbors’ databases should be identical.


router#sho ip ospf nei
Neighbor ID     Pri   State      Dead Time   Address         Interface
148.43.200.4      1   FULL/ -    00:00:32    148.43.200.4    Serial0/2/1
148.43.200.6      1   FULL/ -    00:00:31    148.43.200.6    Serial0/2/0
148.43.200.3      1   FULL/ -    00:00:30    148.43.200.3    Serial0/0/1
148.43.200.1      1   FULL/ -    00:00:30    148.43.200.1    Serial0/0/0

Show IP OSPF Neighbor

The show IP OSPF neighbor command contains the following information:

• Neighbor ID: router ID.
• Priority: used in the election of a DR (1 is default), normally manipulated on Broadcast Multi-Access networks.
• State: Init – first hello sent; 2way – neighbor discovered but adjacency not built; Full – adjacency built, databases exchanged; Drother – not a DR or BDR, unique to broadcast multi-access; DR – designated router; BDR – backup designated router.
• Dead Time – dead-interval timer (defaults to 40 sec), amount of time left before neighbor is declared dead.
• Address – lists the link IP identifier or neighbor's interface IP.
• Interface – the router interface connected to the neighbor.


Broadcast Multi-Access DR & BDR

• Router with highest OSPF priority elected.
• router(config-if)# ip ospf priority number-value
• All routers communicate only with the DR/BDR.
• multicast address 224.0.0.5 = to all OSPF routers
• multicast address 224.0.0.6 = to DR and BDR

[Figure: five routers on one segment with priorities P=3 (DR), P=2 (BDR), P=1, P=1 and P=0. Hellos are sent to 224.0.0.5; updates to the DR and BDR go to 224.0.0.6.]

On a multi-access segment, two routers are elected the designated router (DR) and the backup designated router (BDR). These routers act as the central point of contact for all information exchange on the network. The BDR maintains the same information as the DR and replaces it in the event it fails. Instead of each router on the network exchanging LSAs with every other router, they simply exchange them with the DR/BDR. This significantly reduces the amount of router-related traffic on the segment.

Election of the routers is done using the hello protocol. The router with the highest OSPF priority (or Router ID) on a segment will become the DR, and the process is then repeated for the BDR. OSPF priority is set on an interface with a number from 0 to 255. The router with the highest priority is elected the DR. The priority defaults to 1; in case of a tie, the highest router ID is used. A value of 0 indicates an interface that cannot be elected DR/BDR.

When the network is first established, the first router with an interface active on the segment begins in a WAITING state, and will stay in that state for the dead interval, 40 seconds by default, waiting for a hello packet from another router. If no hellos are received by the end of the waiting period, it will declare itself the DR. If a second router has become active on the network before the dead interval expires, the process of neighbor establishment will begin at the end of the dead interval waiting time, and the DR and BDR will be elected by priority or router ID. Once the DR and BDR have been elected, any router added to the network will recognize them as such, will not attempt to preempt them as DR or BDR, and will only establish 'full state' adjacencies with those two routers.


router#sho ip ospf nei
Neighbor ID     Pri   State          Dead Time   Address          Interface
148.43.200.1      4   FULL/BDR       00:00:35    148.43.200.193   FastEthernet0/0
148.43.200.2      3   FULL/DROTHER   00:00:35    148.43.200.194   FastEthernet0/0
148.43.200.3      2   FULL/DROTHER   00:00:35    148.43.200.195   FastEthernet0/0
148.43.200.4      1   FULL/DROTHER   00:00:36    148.43.200.198   FastEthernet0/0
148.43.200.5      1   FULL/DROTHER   00:00:33    148.43.200.197   FastEthernet0/0
148.43.200.6      0   FULL/DROTHER   00:00:38    148.43.200.196   FastEthernet0/0
148.43.200.8      1   FULL/DROTHER   00:00:34    148.43.200.200   FastEthernet0/0

Show IP OSPF Neighbor - DR

The information contained is the same as the previous show neighbor display except that this is done from the designated router on a broadcast multi-access network. The fields (Neighbor ID, Priority, State, Dead Time, Address, Interface) are as described under Show IP OSPF Neighbor above.


Show IP OSPF Neighbor - Drother

router#sho ip ospf nei
Neighbor ID     Pri   State          Dead Time   Address          Interface
148.43.200.1      4   FULL/BDR       00:00:37    148.43.200.193   FastEthernet0/0
148.43.200.2      3   2WAY/DROTHER   00:00:35    148.43.200.194   FastEthernet0/0
148.43.200.3      2   2WAY/DROTHER   00:00:37    148.43.200.195   FastEthernet0/0
148.43.200.4      1   2WAY/DROTHER   00:00:38    148.43.200.198   FastEthernet0/0
148.43.200.5      1   2WAY/DROTHER   00:00:35    148.43.200.197   FastEthernet0/0
148.43.200.6      0   2WAY/DROTHER   00:00:30    148.43.200.196   FastEthernet0/0
148.43.200.7      5   FULL/DR        00:00:35    148.43.200.199   FastEthernet0/0

The information contained is the same as the previous show neighbor display except that this is done from a drother router on a broadcast multi-access network. Notice that a "full" state has only been established with the DR and BDR, showing that an exchange of topology database information has only occurred with them. The fields (Neighbor ID, Priority, State, Dead Time, Address, Interface) are as described under Show IP OSPF Neighbor above.


The Link-State Database

• Each router within an area has exact same database (convergence)
• Database contains information to construct entire network topology

Each router maintains link-state records including information about each of its interfaces and reachable neighbors. Through flooding, each router distributes its state to all other routers in the area/autonomous system. As a result, each router possesses an identical database describing the area/autonomous system. All routers run the SPF algorithm in parallel. Using the link state database, each router then constructs a tree of the shortest paths with itself as the root. Each destination within the AS is contained within the SPF tree.


OSPF Routing Table

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR

Gateway of last resort is 148.43.200.30 to network 0.0.0.0

     148.43.0.0/16 is variably subnetted, 20 subnets, 3 masks
O       148.43.200.144/28 [110/196] via 148.43.200.186, 00:03:07, Serial0/0/1
C       148.43.200.128/28 is directly connected, FastEthernet0/0
O       148.43.200.80/28 [110/586] via 148.43.200.30, 00:03:07, Serial0/0/0
C       148.43.200.28/30 is directly connected, Serial0/0/0
O       148.43.200.188/30 [110/390] via 148.43.200.186, 00:03:07, Serial0/0/1
C       148.43.200.184/30 is directly connected, Serial0/0/1
O       148.43.200.6/32 [110/391] via 148.43.200.30, 00:03:08, Serial0/0/0
                        [110/391] via 148.43.200.194, 00:03:08, Serial0/0/1
O       148.43.200.5/32 [110/196] via 148.43.200.194, 00:03:08, Serial0/0/1
O       148.43.200.3/32 [110/391] via 148.43.200.30, 00:03:08, Serial0/0/0
O       148.43.200.160/28 [110/391] via 148.43.200.30, 00:03:08, Serial0/0/0
                          [110/391] via 148.43.200.194, 00:03:08, Serial0/0/1
S*   0.0.0.0/0 [1/0] via 148.43.200.30

The routing table lists the preferred or best routes to a destination network. The two main criteria used to determine these routes are administrative distance and metrics. Administrative distance is the first factor used to determine which routes are placed into the table. If routes have the same distance, the cost or metrics is then used. The two major parts to the routing table are the destination network entries and the interface the router must use as an exit point to reach that network.


Distance & Metrics (Cost)

Routing table entry:  O 148.43.200.188/30 [110/390]
In the bracketed pair, the first value (110) is the administrative distance and the second (390) is the metric.


Administrative Distance Defaults

Connected Interface     0
Static Route            1
RIP                   120
IGRP                  100
EIGRP                  90
OSPF                  110
BGP                    20

The above listed values are the default administrative distances on a Cisco router. Administrative distance can be manually configured on the router to give certain routing protocols preference over others. Under the desired routing protocol configuration, use the distance command. Administrative distance is a rating of the trustworthiness of a routing information source, such as an individual router or a group of routers. Distance is an integer from 0 to 255 and in general, the higher the value, the lower the trust rating. A distance of 255 means the routing information source cannot be trusted at all and should be ignored. Specifying distance values enables the router to discriminate between sources of routing information. The router always picks the route whose routing protocol has the lowest distance.
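Route selection by administrative distance first and metric second, as described in the routing-table page above and here, shown as an added Python example that is not part of the course. It uses the default distances from the table above, treats a distance of 255 as "ignore this source", and keeps every candidate that ties on both distance and metric, which is why the routing table on the earlier page lists two next hops for 148.43.200.6/32. The RIP and static candidates are constructed for the example.

```python
from dataclasses import dataclass
from typing import Dict, List

# Default administrative distances as listed in the table above.
DEFAULT_AD: Dict[str, int] = {
    "connected": 0, "static": 1, "bgp": 20, "eigrp": 90,
    "igrp": 100, "ospf": 110, "rip": 120,
}
UNTRUSTED = 255   # a source with distance 255 is never installed


@dataclass(frozen=True)
class Candidate:
    prefix: str
    source: str
    metric: int
    next_hop: str
    distance: int = -1   # -1 = use the default for this source; otherwise a 'distance' override

    def ad(self) -> int:
        return self.distance if self.distance >= 0 else DEFAULT_AD[self.source]


def select_routes(candidates: List[Candidate]) -> List[Candidate]:
    """Route(s) installed for one prefix: lowest administrative distance first, then lowest
    metric. Candidates that tie on both become equal-cost paths in the table."""
    usable = [c for c in candidates if c.ad() < UNTRUSTED]
    if not usable:
        return []
    best_ad = min(c.ad() for c in usable)
    same_ad = [c for c in usable if c.ad() == best_ad]
    best_metric = min(c.metric for c in same_ad)
    return [c for c in same_ad if c.metric == best_metric]


def format_entry(c: Candidate) -> str:
    """Render a route the way the routing table prints it: code prefix [distance/metric]."""
    code = {"ospf": "O", "static": "S", "rip": "R", "connected": "C"}.get(c.source, "?")
    return f"{code} {c.prefix} [{c.ad()}/{c.metric}] via {c.next_hop}"


# The two OSPF paths from the routing table above, plus a constructed RIP route
# with a better-looking metric that still loses because RIP's distance is higher.
CANDIDATES = [
    Candidate("148.43.200.6/32", "ospf", 391, "148.43.200.30"),
    Candidate("148.43.200.6/32", "ospf", 391, "148.43.200.194"),
    Candidate("148.43.200.6/32", "rip", 3, "148.43.200.186"),
]

if __name__ == "__main__":
    for route in select_routes(CANDIDATES):
        print(format_entry(route))
```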


OSPF Metrics

• Metric is used to determine the best path when multiple routes to a destination are received from the same source (equal distance).
• OSPF uses the bandwidth (BW) value assigned to a router interface to calculate the metric value (cost) associated with that interface. That is the only function of the bandwidth statement [example: router1(config-if)#bandwidth 512]. It gives the routing protocol a figure to use in cost calculation, and therefore can be used to manipulate OSPF’s choice of best path.

[Figure: paths from Source to Destination over links labelled 256 kbs, 768 kbs, T1, 10 mbs, 256 kbs and 512 kbs.]

The cost (also called metric) of an interface in OSPF is an indication of the overhead required to send packets across a certain interface. The cost of an interface is inversely proportional to the bandwidth of that interface: a higher bandwidth indicates a lower cost. The default formula used to calculate the cost is cost = 10^8 / bandwidth in bps. If no bandwidth statement is used, serial interfaces default to 1.544 Mbps (T1) and Ethernet defaults to 10 Mbps. The bandwidth statement has no actual effect on data transfer rate. It is simply used by the routing protocol to calculate the cost of the link. The cost of an interface can be set manually, which will override the bandwidth statement. Under the interface, use the command ip ospf cost. Manipulating the cost of links can make them more or less preferential for use by the router. It is recommended that cost be manipulated using the bandwidth statement.


Calculating OSPF Cost

[Figure: two paths from Router A to Router B. Top route: 256k, 512k and 1024k links. Bottom route: T-1, T-1 and 56k links.]

56 Kbps = 1786
256 Kbps = 391
512 Kbps = 195
1024 Kbps = 98
T1 / 1544 Kbps = 65

TOP ROUTE: 391 + 195 + 98 = 684
BOTTOM ROUTE: 65 + 65 + 1786 = 1916

For this practical exercise, use the Windows calculator on your laptop. Utilizing the information provided on the previous page, calculate the cost for each path from router A to router B. Cost is cumulative for point A to point B. The cost for each outgoing interface in the path must be calculated and then added together for a total path (route) cost. Which path will OSPF select? If no bandwidth statement were placed in the 56k link because the person programming the router forgot to enter it, but the actual link speed was at 56k, what would the result be?
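The cost arithmetic for the exercise above, as an added Python example that is not part of the course: per-interface cost from the 10^8 / bandwidth formula, cumulative path cost, and the effect of a missing bandwidth statement (the serial interface then defaults to 1544 Kbps). The figures on this page round to the nearest integer; Cisco IOS drops the fraction instead, so a T1 costs 64 there rather than 65, and the `truncate` flag lets you see either convention. The path names "top" and "bottom" are labels chosen for the example.

```python
from typing import Dict, Sequence

REFERENCE_BW_BPS = 10 ** 8        # numerator of the default OSPF cost formula
DEFAULT_SERIAL_KBPS = 1544        # serial interface default (T1) when no bandwidth statement is set
DEFAULT_ETHERNET_KBPS = 10_000    # Ethernet default, 10 Mbps


def ospf_cost(bandwidth_kbps: int, truncate: bool = False) -> int:
    """Cost of one outgoing interface: 10^8 / bandwidth in bps.
    truncate=False rounds to nearest as the worked figures on this page do;
    truncate=True drops the fraction the way IOS does (a T1 then costs 64, not 65)."""
    raw = REFERENCE_BW_BPS / (bandwidth_kbps * 1000)
    return int(raw) if truncate else round(raw)


def path_cost(link_kbps: Sequence[int], truncate: bool = False) -> int:
    """Cost is cumulative: sum the cost of each outgoing interface along the path."""
    return sum(ospf_cost(bw, truncate) for bw in link_kbps)


def best_path(paths: Dict[str, Sequence[int]], truncate: bool = False) -> str:
    """Name of the lowest-cost path (the first listed wins an exact tie)."""
    return min(paths, key=lambda name: path_cost(paths[name], truncate))


TOP_ROUTE = [256, 512, 1024]            # Router A -> Router B, top path of the figure
BOTTOM_ROUTE = [1544, 1544, 56]         # bottom path with the 56k link configured correctly
# Same bottom path when the bandwidth statement on the 56k link was forgotten:
# OSPF sees the serial default and costs that hop like a T1.
BOTTOM_ROUTE_NO_BW_STMT = [1544, 1544, DEFAULT_SERIAL_KBPS]

if __name__ == "__main__":
    print(path_cost(TOP_ROUTE))                                           # 391 + 195 + 98 = 684
    print(path_cost(BOTTOM_ROUTE))                                        # 65 + 65 + 1786 = 1916
    print(best_path({"top": TOP_ROUTE, "bottom": BOTTOM_ROUTE}))          # top
    print(path_cost(BOTTOM_ROUTE_NO_BW_STMT))                             # 65 + 65 + 65 = 195
    print(best_path({"top": TOP_ROUTE, "bottom": BOTTOM_ROUTE_NO_BW_STMT}))   # bottom
```

The last two lines are the point of the exercise's final question: with the bandwidth statement missing, the slow 56k hop is costed as a T1 and the bottom path suddenly looks cheaper than it is.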


Show IP OSPF Interface

R7#sho ip ospf int f0/1
FastEthernet0/1 is up, line protocol is up
  Internet Address 148.42.200.199/28, Area 0
  Process ID 1, Router ID 148.42.200.7, Network Type BROADCAST, Cost: 10
  Transmit Delay is 1 sec, State DR, Priority 1
  Designated Router (ID) 148.42.200.7, Interface address 148.42.200.199
  Backup Designated router (ID) 148.42.200.1, Interface address 148.42.200.193
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    Hello due in 00:00:01
  Supports Link-local Signaling (LLS)
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 4 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 148.42.200.1  (Backup Designated Router)
  Suppress hello for 0 neighbor(s)

The show IP OSPF interface command provides an inventory of all the interfaces in your router and their status with respect to OSPF. The cost assigned to each interface, along with the type of OSPF network it belongs to, can be verified here. Hello and dead interval timers are also listed. If the interface is a member of a broadcast multi-access network, as shown above, the router's state, specifying its role as DR, BDR or DROTHER can be seen. The priority set for the router's participation in the election of DR / BDR is listed right after the state.


OSPF Basic Configuration

router(config)# router ospf process-id        (process-id 1-65535; use your router station #)
router(config-router)# network 148.43.200.0 0.0.0.255 area 0

Use the router OSPF command to define an OSPF routing process. The process-id is an internally used identification number. A unique value is assigned for each OSPF routing process within a single router, just as each file in a computer folder must have a unique filename. The OSPF process-id does not have to match process-ids on other routers. It is possible to run multiple OSPF processes on the same router, but it is not recommended because it creates multiple databases, which adds extra overhead to the router. The network command defines which router interfaces will run OSPF. An IP range is defined in the command by entering an address and wildcard mask. Any router interface whose IP address falls within this range will then run OSPF. Once it has been determined that an interface will run OSPF, the protocol advertises the subnet assigned to that interface. The command also assigns an interface to an OSPF area. Neighboring routers’ directly connected interfaces must be configured in the same area. The network command uses a wildcard mask, which is essentially the inverse of a traditional mask. The mask in the network command can be used as a shortcut for assigning a list of interfaces to the same area with one configuration line.
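How the network statement's address and wildcard mask decide which interfaces run OSPF and in which area, as an added Python example that is not part of the course. The wildcard is checked bit for bit (0 = must match, 1 = don't care), which is how the statement `network 148.43.200.0 0.0.0.255 area 0` on this page covers every 148.43.200.x interface and how `0.0.0.0 255.255.255.255 area 0` from the `show ip protocols` page covers all of them. The interface list is constructed (the 10.1.1.1 address is made up to show an interface the statement leaves out), and the "most specific statement wins" rule for overlapping statements is this example's own choice.

```python
from ipaddress import IPv4Address
from typing import Dict, List, Optional, Tuple

ALL_ONES = 0xFFFFFFFF


def wildcard_to_mask(wildcard: str) -> str:
    """A wildcard mask is the bitwise inverse of a subnet mask: 0.0.0.255 <-> 255.255.255.0."""
    return str(IPv4Address(int(IPv4Address(wildcard)) ^ ALL_ONES))


def matches(network: str, wildcard: str, address: str) -> bool:
    """True if 'address' falls inside the range a 'network <network> <wildcard>' statement covers.
    Only the bits where the wildcard is 0 have to match."""
    care = int(IPv4Address(wildcard)) ^ ALL_ONES
    return (int(IPv4Address(network)) & care) == (int(IPv4Address(address)) & care)


def assign_areas(interfaces: Dict[str, str],
                 statements: List[Tuple[str, str, int]]) -> Dict[str, Optional[int]]:
    """Map each interface to the OSPF area its address lands in, or None if no statement
    matches (that interface will not run OSPF). If several statements match, this example
    takes the most specific one, i.e. the wildcard with the fewest 'don't care' bits."""
    result: Dict[str, Optional[int]] = {}
    for name, addr in interfaces.items():
        hits = [(bin(int(IPv4Address(wc))).count("1"), area)
                for net, wc, area in statements if matches(net, wc, addr)]
        result[name] = min(hits)[1] if hits else None
    return result


# Constructed interface table; the 148.43.200.x addresses follow the lab numbering on this page.
INTERFACES = {
    "FastEthernet0/0": "148.43.200.193",
    "Serial0/0/0": "148.43.200.17",
    "Loopback0": "148.43.200.1",
    "FastEthernet0/1": "10.1.1.1",    # made up: outside every 148.43.200.0 statement
}

if __name__ == "__main__":
    print(wildcard_to_mask("0.0.0.255"))                                   # 255.255.255.0
    print(assign_areas(INTERFACES, [("148.43.200.0", "0.0.0.255", 0)]))
    print(assign_areas(INTERFACES, [("0.0.0.0", "255.255.255.255", 0)]))   # everything in area 0
```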


router7#sho ip proto
Routing Protocol is "ospf 100"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Router ID 148.43.200.7
  Number of areas in this router is 1. 1 normal 0 stub 0 nssa
  Maximum path: 4
  Routing for Networks:
    0.0.0.0 255.255.255.255 area 0
  Routing Information Sources:
    Gateway         Distance      Last Update
    148.43.200.7         110      01:04:25
    148.43.200.6         110      01:04:25
    148.43.200.5         110      01:04:25
  Distance: (default is 110)

Show IP Protocol

The show IP protocol command provides information about all IP routing protocols configured. The routing protocol and process are identified along with information concerning routing filters, redistribution, and summarization. Routing network statements can be verified along with routing information sources. This is displayed using the source router IDs, the distance of the protocol, and when the last update was received.


router#sho ip ospf
 Routing Process "ospf 100" with ID 148.43.200.7
 Supports only single TOS(TOS0) routes
 Supports opaque LSA
 Supports Link-local Signaling (LLS)
 Supports area transit capability
 Initial SPF schedule delay 5000 msecs
 Minimum hold time between two consecutive SPFs 10000 msecs
 Maximum wait time between two consecutive SPFs 10000 msecs
 Incremental-SPF disabled
 Minimum LSA interval 5 secs
 Minimum LSA arrival 1000 msecs
 LSA group pacing timer 240 secs
 Interface flood pacing timer 33 msecs
 Retransmission pacing timer 66 msecs
 Number of external LSA 0. Checksum Sum 0x000000
 Number of opaque AS LSA 0. Checksum Sum 0x000000
 Number of DCbitless external and opaque AS LSA 0
 Number of DoNotAge external and opaque AS LSA 0
 Number of areas in this router is 1. 1 normal 0 stub 0 nssa
 Number of areas transit capable is 0
 External flood list length 0

Show IP OSPF

The show IP OSPF command can be used to verify your OSPF configuration and the overall configuration of the areas within the router. The router ID and process ID can be verified here. Information concerning frequency of updates and other timers are provided. Information is provided for each individual area to which the router is connected. The use of OSPF authentication can be verified with this command.


    Area BACKBONE(0)
        Number of interfaces in this area is 6 (1 loopback)
        Area has no authentication
        SPF algorithm last executed 01:04:55.281 ago
        SPF algorithm executed 17 times
        Area ranges are
        Number of LSA 7. Checksum Sum 0x04A9BB
        Number of opaque link LSA 0. Checksum Sum 0x000000
        Number of DCbitless LSA 0
        Number of indication LSA 0
        Number of DoNotAge LSA 0
        Flood list length 0

Show IP OSPF (2)


Passive Interface

• Prevents routing protocol updates from being generated on the specified interface

router(config-router)# passive-interface interface
Example: router(config-router)# passive-interface f0/0

As stated before, the network command is used to define which interfaces will run OSPF. The networks in which the interfaces are participating will be the networks advertised to other routers. There may be cases where we want to advertise a network to other routers but do not necessarily want routing updates being sent from an interface. One case is an Ethernet interface with only hosts connected to it. There is no point in sending routing update traffic into a LAN where only PCs, printers, and servers are networked. The passive-interface command will keep updates from being sent from the interface even though there is a network statement relating to the address of the interface.


[Figure: OSPF Point-to-Point Unnumbered (1) lab topology. Routers 1 through 7, each with a loopback address 148.43.200.N/32 (N = router number) and a LAN on f0/0 (148.43.200.33/27, 148.43.200.65/28, 148.43.200.81/28, 148.43.200.97/28, 148.43.200.113/29, 148.43.200.129/28, 148.43.200.145/28, 148.43.200.161/28), plus 148.43.200.177/29 on f0/1 of router 6. The routers are joined by serial links on s0/0/0, s0/0/1, s0/2/0 and s0/2/1 using /30 addressing (148.43.200.120/30, 148.43.200.124/30, 148.43.200.184/30, 148.43.200.188/30 and the host pairs .17/.18, .21/.22, .25/.26, .29/.30, .121/.122, .125/.126, .185/.186, .189/.190).]

OSPF Point-to-Point Unnumbered (1)

Install the network shown above. Use the sho int, sho run, and sho ip route commands to assist in troubleshooting. Once all networks are in every router’s routing table, the installation is complete. After the network is installed, ping from laptop to laptop to confirm that all other stations are reachable. After the network connectivity is confirmed by the successful pings:

1. Routers 1 through 6 will swap the serial cable connections from s0/0/0 to s0/0/1, and swap the s0/0/1 cable to the s0/0/0 interface. Do this on your own router.
2. Do a show ip int br to confirm that all interfaces have returned to an ‘up up’ state.
3. Repeat the pings to other laptops. What are the results? Why?


[Figure: OSPF Point-to-Point Unnumbered (2) lab topology, the (1) topology with Router 8 added as the "Router Alternate Configuration". Routers 1 through 8 each have a loopback address 148.43.200.N/32 (N = router number). LANs on f0/0 and f0/1: 148.43.200.33/27, 148.43.200.65/28, 148.43.200.81/28, 148.43.200.97/28, 148.43.200.113/29, 148.43.200.129/28, 148.43.200.145/28, 148.43.200.161/28, 148.43.200.177/30. Serial links on s0/0/0, s0/0/1, s0/2/0 and s0/2/1 use 148.43.200.120/30, 148.43.200.124/30, 148.43.200.180/30, 148.43.200.184/30, 148.43.200.188/30 and the host pairs .17/.18, .21/.22, .25/.26, .29/.30, .121/.122, .125/.126, .181/.182, .185/.186, .189/.190.]

OSPF Point-to-Point Unnumbered (2)

Install the network shown above. Use the sho int, sho run, and sho ip route commands to assist in troubleshooting. Once all networks are in every router’s routing table, the installation is complete. After the network is installed, ping from laptop to laptop to confirm that all other stations are reachable. After the network connectivity is confirmed by the successful pings:

1. Routers 1 through 6 and Router 8 will swap the serial cable connections from s0/0/0 to s0/0/1, and swap the s0/0/1 cable to the s0/0/0 interface. Do this on your own router.
2. Do a show ip int br to confirm that all interfaces have returned to an ‘up up’ state.
3. Repeat the pings to other laptops. What are the results? Why?


OSPF Point-to-Point Unnumbered (3)

[Figure: OSPF Point-to-Point Unnumbered (3) lab topology. Routers 1 through 7, each with a loopback address 148.43.200.N/32 (N = router number) and a LAN on f0/0 (148.43.200.33/27, 148.43.200.65/28, 148.43.200.81/28, 148.43.200.97/27, 148.43.200.129/28, 148.43.200.145/28, 148.43.200.161/27). The serial links on s0/0/0, s0/0/1, s0/2/0 and s0/2/1 carry no addresses of their own (unnumbered).]

Install the network shown above. Use the sho int, sho run, and sho ip route commands to assist in troubleshooting. Once all networks are in every router’s routing table, the installation is complete. After the network is installed, ping from laptop to laptop to confirm that all other stations are reachable. After the network connectivity is confirmed by the successful pings:

1. Routers 1 through 6 will swap the serial cable connections from s0/0/0 to s0/0/1, and swap the s0/0/1 cable to the s0/0/0 interface. Do this on your own router.
2. Do a show ip int br to confirm that all interfaces have returned to an ‘up up’ state.
3. Repeat the pings to other laptops. What are the results? Why?


[Figure: OSPF Point-to-Point Unnumbered (4) lab topology, the (3) topology with Router 8 added as the "Router Alternate Configuration". Routers 1 through 8 each have a loopback address 148.43.200.N/32 (N = router number). LANs on f0/0: 148.43.200.33/27, 148.43.200.65/28, 148.43.200.81/28, 148.43.200.97/27, 148.43.200.129/28, 148.43.200.145/28, 148.43.200.161/28, 148.43.200.177/28. The serial links on s0/0/0, s0/0/1, s0/2/0 and s0/2/1 carry no addresses of their own (unnumbered).]

OSPF Point-to-Point Unnumbered (4)

Install the network shown above. Use the sho int, sho run, and sho ip route commands to assist in troubleshooting. Once all networks are in every router’s routing table, the installation is complete. After the network is installed, ping from laptop to laptop to confirm that all other stations are reachable. After the network connectivity is confirmed by the successful pings:

1. Routers 1 through 6 and Router 8 will swap the serial cable connections from s0/0/0 to s0/0/1, and swap the s0/0/1 cable to the s0/0/0 interface. Do this on your own router.
2. Do a show ip int br to confirm that all interfaces have returned to an ‘up up’ state.
3. Repeat the pings to other laptops. What are the results? Why?


OSPF Broadcast Multi-Access

[Figure: OSPF Broadcast Multi-Access lab topology. Routers 1 through 8 each connect through f0/0 to one switch on the segment 148.43.200.192/28, with interface addresses .193 through .200 (router N at 148.43.200.192+N) and loopback addresses 148.43.200.N/32.]

Install the network. Use the show ip ospf neighbor command to verify which router is the DR and which is the BDR. OSPF priority and router ID are used for the election.

1. Reset the OSPF priority as follows, using the ip ospf priority command on the interface:

   Router 7 – priority 5
   Router 1 – priority 4
   Router 2 – priority 3
   Router 3 – priority 2
   Router 4 – priority 1
   Router 5 – priority 1
   Router 6 – priority 0
   Router 8 (if present) – priority 0

2. Power-cycle the switch. Once it is back up, verify which routers are the DR and BDR. If required, disconnect and reconnect each router from the switch to force Router 7 to become the DR and Router 1 the BDR.

3. In a controlled manner, manipulate the network to force changes to the DR/BDR.

4. Disconnect all routers from the switch and reconnect Router 6. Verify that Router 6 does not become the DR.
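The election this exercise has you observe can be worked through offline. The following Python model is an added example and is not part of the course material: it applies the election rules (priority 0 is never eligible, highest priority wins, ties go to the highest router ID, and a router already holding DR or BDR is not displaced by one that joins later) to the priorities from step 1, with each router's loopback address standing in for its router ID. The router names and the scenario functions are this example's own.

```python
"""OSPF DR/BDR election on a broadcast multi-access segment (simplified model of
RFC 2328 section 9.4).  Added example: the router table below is constructed from
the exercise (router ID = loopback address, priority = the value set in step 1)."""
from dataclasses import dataclass
from ipaddress import IPv4Address
from typing import Iterable, Optional, Tuple


@dataclass(frozen=True)
class Router:
    name: str
    router_id: str   # highest loopback address on the router
    priority: int    # ip ospf priority on f0/0; 0 means never DR or BDR


def _best(candidates: Iterable[Router]) -> Optional[Router]:
    """Highest priority wins; ties are broken by the numerically highest router ID."""
    return max(candidates,
               key=lambda r: (r.priority, int(IPv4Address(r.router_id))),
               default=None)


def elect(up: Iterable[Router],
          current_dr: Optional[str] = None,
          current_bdr: Optional[str] = None) -> Tuple[Optional[str], Optional[str]]:
    """Return (DR, BDR) names for the routers currently attached to the segment.

    current_dr / current_bdr are the roles in force before this election (None on a
    cold start).  The election is not preemptive: a router already holding a role
    keeps it while it is up and eligible, so a higher-priority router that joins
    later gets neither role until the whole segment re-elects."""
    by_name = {r.name: r for r in up}
    eligible = [r for r in by_name.values() if r.priority > 0]
    dr = by_name.get(current_dr) if current_dr else None
    bdr = by_name.get(current_bdr) if current_bdr else None
    if dr is not None and dr.priority == 0:      # priority lowered to 0: no longer eligible
        dr = None
    # BDR: the incumbent keeps the role; otherwise the best router not claiming DR.
    if bdr is None or bdr.priority == 0 or bdr is dr:
        bdr = _best(r for r in eligible if r is not dr)
    # DR: the incumbent keeps the role; otherwise the BDR is promoted and a new
    # BDR is elected from the remaining routers.
    if dr is None:
        dr = bdr
        bdr = _best(r for r in eligible if r is not dr)
    return (dr.name if dr else None, bdr.name if bdr else None)


# Constructed from the exercise: step 1 priorities, router ID = loopback address.
EXERCISE = [
    Router("R7", "148.43.200.7", 5), Router("R1", "148.43.200.1", 4),
    Router("R2", "148.43.200.2", 3), Router("R3", "148.43.200.3", 2),
    Router("R4", "148.43.200.4", 1), Router("R5", "148.43.200.5", 1),
    Router("R6", "148.43.200.6", 0), Router("R8", "148.43.200.8", 0),
]


def cold_start():
    """Step 2: every router comes up together after the switch is power-cycled."""
    return elect(EXERCISE)


def dr_fails():
    """Step 3: the DR (R7) is unplugged; the BDR is promoted and a new BDR elected."""
    dr, bdr = cold_start()
    return elect([r for r in EXERCISE if r.name != "R7"], dr, bdr)


def late_joiner():
    """Non-preemption: R4 and R5 elect first, then the remaining routers, including
    R7 with priority 5, are connected.  R7 gets neither role."""
    dr, bdr = elect([r for r in EXERCISE if r.name in ("R4", "R5")])
    return elect(EXERCISE, dr, bdr)


def router6_alone():
    """Step 4: only R6 (priority 0) is attached; nobody can become DR."""
    return elect([r for r in EXERCISE if r.name == "R6"])


if __name__ == "__main__":
    for scenario in (cold_start, dr_fails, late_joiner, router6_alone):
        print(f"{scenario.__name__:14s} DR/BDR = {scenario()}")
```

The late_joiner scenario is the reason step 2 tells you to power-cycle the switch: with R4 and R5 already elected, R5 stays DR (equal priority, higher router ID) and R7's priority of 5 changes nothing until the segment re-elects.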


OSPF Single Area Review Questions


1. OSPF is what type of routing protocol?
   a. distance vector  b. link state  c. hybrid  d. inter-autonomous system

2. What year was OSPF last updated?
   a. 1993  b. 1987  c. 1997  d. 1998

3. Which of the following is an OSPF feature?
   a. Supports hierarchical routing  b. Cisco proprietary  c. Uses broadcasting for routing updates  d. Uses a hop count metric

4. What does VLSM stand for?
   a. Very Low Speed Metric  b. Variable Link Subnet Masking  c. Viterbi Link State Management  d. Variable Length Subnet Masking

5. OSPF allows for password verification of routing updates.
   a. True  b. False

6. What are the two primary elements of OSPF hierarchy?
   a. stub & NSSA  b. total stub & virtual link  c. area & autonomous system  d. area & backbone

7. The OSPF backbone is always _____
   a. area 0  b. area 1  c. not listed  d. a stub

8. Which of the following is an OSPF network type?
   a. PPP  b. Frame Relay  c. Broadcast Multi-access  d. Virtual

9. How many neighbor relationships are formed on a point-to-point network?
   a. 1  b. 3  c. 2  d. 0

10. Which of the following groups are OSPF router types?
   a. Backbone, ABR, NSSA, Internal  b. Internal, ASBR, Stub, ABR  c. ASBR, ABR, Internal, Backbone  d. ABA, ABR, Backbone, Internal

11. An internal router ______
   a. runs a single copy of the routing algorithm  b. is a stub  c. has all directly connected networks belonging to the same area  d. a & c  e. all the above

12. How many different types of databases does OSPF maintain?
   a. 1  b. 2  c. 3  d. 4

13. The adjacencies database is formed by _______
   a. LSAs  b. hello packets  c. router configuration  d. ping

14. The routing table is developed by ________
   a. LSAs being directly added once they are received.  b. information contained in hello packets.  c. the SPF algorithm being run on the topology database.  d. OSPF cost and metrics.

15. Hello packets are used only for neighbor identification.
   a. true  b. false

16. Once a neighbor relationship is formed, the routers __________
   a. start routing  b. exchange topology databases  c. run SPF algorithm  d. calculate hop count

17. In the election of the designated router, what two things are considered?
   a. OSPF priority, then router ID  b. Router ID, then OSPF priority  c. Number of interfaces  d. Size of CPU

18. Why have a designated router on a multi-access segment?
   a. maintains routing information for all other routers  b. OSPF gets "confused" if there isn't one  c. Reduces router related traffic on the segment  d. Somebody has to be in charge

19. The link state database is also known as the ________
   a. OSPF database  b. Routing table  c. Topology database  d. Adjacencies database

20. In the routing table, what does an entry such as "[110/455]" indicate?
   a. metric/distance  b. load/bandwidth  c. distance/metric  d. bandwidth/load

21. Administrative distance is ________
   a. a manually set parameter  b. trustworthiness of routing information source  c. based on the calculated metric  d. always higher than 0

22. The default administrative distance for OSPF is _______
   a. 120  b. 110  c. 90  d. 20

23. In OSPF, metrics are referred to as ___________
   a. distance  b. cost  c. bandwidth  d. load balancing

24. The preferred way to set the cost of an interface is to __________
   a. let it default to T-1  b. manually enter the cost  c. enter a bandwidth statement  d. let the DCE clock determine it

25. The default formula for calculating cost is __________
   a. T1/10 mbs  b. 10^7 / bandwidth in kbps  c. 10^8 / bandwidth in bps  d. e = mc^2

26. The command for manually setting the cost of an interface is _________
   a. interface cost  b. ip ospf cost  c. interface bandwidth  d. no default interface cost

27. When enabling the OSPF routing protocol, the process ID is _______
   a. the same as the AS  b. an internally used identification number  c. defines the version of OSPF being used  d. defines the number of areas

28. What command enables an OSPF process on an interface?
   a. ospf interface xx  b. network statement  c. passive interface command  d. process id

29. What is a wild-card mask?
   a. inverse of a regular mask  b. used for non-contiguous masking  c. used with access control lists  d. all the above

30. Network statements advertise the IP range configured within them.
   a. true  b. false

31. Where is the area of an interface defined?
   a. under the interface configuration mode  b. global configuration  c. network statement  d. area configuration command

32. What does the passive-interface command do?
   a. makes interface invisible to other routers  b. allows network to be advertised without passing updates through the interface  c. keeps interface from accepting broadcast link updates  d. keeps interface in a "hot" stand-by mode for redundancy if another interface fails
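Questions 28 through 31 turn on what a network statement actually does: it does not advertise the range it names; it selects, by address and wildcard mask, the interfaces on which the OSPF process runs and the area each belongs to, and what gets advertised is each selected interface's own subnet. The following Python is an added example, not course code, that applies that matching to an interface table constructed from addresses used in the appendix. The rule that the most specific statement wins when several match one interface is this model's assumption about how overlapping statements resolve.

```python
"""Which interfaces an OSPF 'network <address> <wildcard> area <n>' statement turns
on, and what those interfaces then advertise.  Added example; the interface table is
constructed from addresses used in the appendix."""
from ipaddress import IPv4Address, IPv4Interface
from typing import Dict, List, Tuple

NetworkStatement = Tuple[str, str, int]          # (address, wildcard, area)


def mask_to_wildcard(mask: str) -> str:
    """A wildcard mask is the bitwise inverse of a subnet mask (question 29)."""
    return str(IPv4Address(int(IPv4Address(mask)) ^ 0xFFFFFFFF))


def matches(address: str, wildcard: str, candidate: str) -> bool:
    """True if candidate agrees with address on every bit the wildcard sets to 0.
    Wildcards need not be contiguous: 0.0.255.0 means 'any third octet, fourth
    octet must match'."""
    care = int(IPv4Address(wildcard)) ^ 0xFFFFFFFF
    return (int(IPv4Address(address)) & care) == (int(IPv4Address(candidate)) & care)


def ospf_enabled_interfaces(statements: List[NetworkStatement],
                            interfaces: Dict[str, str]) -> Dict[str, int]:
    """Map interface name -> area for every interface some statement selects.
    Assumption of this model: when several statements match one interface, the
    most specific one (fewest 1-bits in the wildcard) wins."""
    ordered = sorted(statements, key=lambda s: bin(int(IPv4Address(s[1]))).count("1"))
    enabled: Dict[str, int] = {}
    for name, iface in interfaces.items():
        ip = str(IPv4Interface(iface).ip)
        for address, wildcard, area in ordered:
            if matches(address, wildcard, ip):
                enabled[name] = area
                break
    return enabled


def advertised_prefixes(enabled: Dict[str, int], interfaces: Dict[str, str]) -> List[str]:
    """The prefixes OSPF actually originates: each selected interface's own subnet,
    not the range written in the network statement (question 30)."""
    return sorted(str(IPv4Interface(interfaces[n]).network) for n in enabled)


# Constructed interface table (addresses taken from the appendix examples).
INTERFACES = {
    "loopback0": "148.43.200.1/32",
    "f0/0":      "148.43.200.193/28",
    "s0/0/0":    "148.43.201.1/30",
    "f0/1":      "150.150.100.1/26",
}
STATEMENTS: List[NetworkStatement] = [("148.43.200.0", "0.0.0.255", 0)]


def demo() -> Tuple[Dict[str, int], List[str]]:
    """The appendix's single network statement: which interfaces, which prefixes."""
    enabled = ospf_enabled_interfaces(STATEMENTS, INTERFACES)
    return enabled, advertised_prefixes(enabled, INTERFACES)


if __name__ == "__main__":
    print(demo())
```

Note that the appendix statement network 148.43.200.0 0.0.0.255 area 0 selects loopback0 and f0/0 but not the serial link in 148.43.201.0/30, and the prefixes that leave the router are 148.43.200.1/32 and 148.43.200.192/28, not 148.43.200.0/24.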

33. Which command shows the cost of an interface?
   a. show ip protocol  b. show ip ospf database  c. show ip ospf interface  d. show ip neighbor

34. Which command will show the distance of routing protocols on a router?
   a. show ip ospf neighbor  b. show ip protocol  c. show ip ospf interface  d. show ip ospf database

35. Which command will show that a router is exchanging OSPF information with another router?
   a. show ip ospf database  b. show ip protocol  c. show ip ospf interface  d. show ip ospf neighbor

TAB

Insert Tab # 8 Here

Basic IT Final Exam

• Given block of IPs:
  – 150.150.100.0 255.255.255.0
  – VLANs only: 148.43.200.0 255.255.255.224

• Support the following requirements:
  – Corps Main: 50 hosts
  – Corps Rear: 50 hosts
  – COSCOM: 40 hosts
  – 18th Av/160th TF: 18 hosts
  – Corps Arty: 10 hosts
  – G-6/35th Sig BDE: 10 hosts
  – 16th MP BDE: 10 hosts

• Tasks:
  – Allocate IPs
  – Install the network
  – Enforce the Layer 2 communication rules:
    • Routers 1, 2, and 3 must send all traffic through R7 before reaching any other router.
    • Routers 4, 5, and 6 must send all traffic through R8 before reaching any other router.
    • Router 7 and Router 8 must communicate over access ports in VLAN 90 (switchport access vlan 90). Every other router must stay in its own VLAN.
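Allocating the block is the first task. The following Python is an added example, not part of the exam: a largest-first VLSM allocator with the check a practitioner wants, namely that it reports what does not fit instead of silently overlapping subnets. With the usual rounding (50 hosts need a /26, 18 a /27, 10 a /28) the seven requirements above add up to 272 addresses, more than the 256 in 150.150.100.0/24, so the allocator leaves one 10-host network unassigned; how to resolve that is left to the student, since the 148.43.200.0/27 block is reserved for the VLANs. The requirement list is transcribed from the task and the names are used only as labels.

```python
"""Largest-first VLSM allocation for the final exam's host requirements.  Added
example; the requirement list is transcribed from the task above."""
import math
from ipaddress import IPv4Network
from typing import List, Tuple

Requirement = Tuple[str, int]      # (name, hosts)


def prefix_for(hosts: int) -> int:
    """Smallest prefix whose block holds hosts + network + broadcast addresses."""
    return 32 - math.ceil(math.log2(hosts + 2))


def addresses_needed(requirements: List[Requirement]) -> int:
    """Total block size once every requirement is rounded up to a power of two."""
    return sum(1 << (32 - prefix_for(h)) for _, h in requirements)


def allocate(block: str, requirements: List[Requirement]
             ) -> Tuple[List[Tuple[str, str]], List[Requirement]]:
    """Carve `block` largest-first.  Returns (assigned, unmet); unmet is what did
    not fit, which the allocator reports rather than overlapping subnets."""
    net = IPv4Network(block)
    cursor, end = int(net.network_address), int(net.broadcast_address) + 1
    assigned: List[Tuple[str, str]] = []
    unmet: List[Requirement] = []
    for name, hosts in sorted(requirements, key=lambda r: -r[1]):
        plen = prefix_for(hosts)
        size = 1 << (32 - plen)
        cursor = -(-cursor // size) * size          # align to the subnet size
        if cursor + size > end:
            unmet.append((name, hosts))
            continue
        assigned.append((name, str(IPv4Network((cursor, plen)))))
        cursor += size
    return assigned, unmet


# Transcribed from the exam task.
EXAM: List[Requirement] = [
    ("Corps Main", 50), ("Corps Rear", 50), ("COSCOM", 40),
    ("18th Av/160th TF", 18), ("Corps Arty", 10),
    ("G-6/35th Sig BDE", 10), ("16th MP BDE", 10),
]


def exam_allocation():
    """Allocate the exam's /24 to the requirement list."""
    return allocate("150.150.100.0/24", EXAM)


if __name__ == "__main__":
    print("addresses needed:", addresses_needed(EXAM))
    assigned, unmet = exam_allocation()
    for name, subnet in assigned:
        print(f"{name:18s} {subnet}")
    for name, hosts in unmet:
        print(f"{name:18s} UNMET ({hosts} hosts)")
```

Sorting largest-first keeps every subnet naturally aligned, because each block size is a power of two no larger than the one before it; the alignment step only matters if the allocator is reused with an unsorted list.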

[Diagram: final exam topology, OSPF Broadcast Multi-Access. Routers 1 through 8 each connect f0/0 to the switch; the segment address shown is 148.43.200.240/28.]

TAB

Insert Tab # 9 Here


IP Networking and Basic Routing Exercise


Basic Router Configuration

Configuring the Hostname and Passwords

    Router>en
    Router#config t
    Enter configuration commands, one per line.  End with CNTL/Z.
    Router(config)#hostname router1
    router1(config)#enable secret secret
    router1(config)#line console 0
    router1(config-line)#password console
    router1(config-line)#login
    router1(config-line)#logging synchronous
    router1(config-line)#line vty 0 15
    router1(config-line)#password vty
    router1(config-line)#login
    router1(config-line)#^Z
    router1#

The values secret, console and vty are lab placeholders. The enable secret is stored as a hash, but the line password commands are kept in cleartext in the running configuration unless service password-encryption is configured, and even then only as reversible Type 7 obfuscation. Do not reuse these values outside the lab.

Configuring a Loopback Address

    Password:
    router1>en
    Password:
    router1#config t
    Enter configuration commands, one per line.  End with CNTL/Z.
    router1(config)#int loopback0
    router1(config-if)#ip address 148.43.200.1 255.255.255.255
    router1(config-if)#^Z
    router1#

Configuring an Ethernet/Fast Ethernet Interface

    Password:
    router1>en
    Password:
    router1#config t
    Enter configuration commands, one per line.  End with CNTL/Z.
    router1(config)#int f0/0
    router1(config-if)#ip address 148.43.200.1 255.255.255.0
    router1(config-if)#no shut
    router1(config-if)#^Z
    router1#


Configuring a Serial Interface (numbered)

    Password:
    router1>en
    Password:
    router1#config t
    Enter configuration commands, one per line.  End with CNTL/Z.
    router1(config)#int s0/0/0
    router1(config-if)#ip address 148.43.201.1 255.255.255.252
    router1(config-if)#bandwidth 512
    router1(config-if)#encap ppp
    router1(config-if)#no peer neighbor-route
    router1(config-if)#no shut
    router1(config-if)#^Z
    router1#

Configuring a Serial Interface (unnumbered)

    Password:
    router1>en
    Password:
    router1#config t
    Enter configuration commands, one per line.  End with CNTL/Z.
    router1(config)#int s0/0/0
    router1(config-if)#ip unnumbered loopback0
    router1(config-if)#bandwidth 512
    router1(config-if)#encap ppp
    router1(config-if)#no shut
    router1(config-if)#^Z
    router1#

Configuring a Routing Protocol

    Password:
    router1>en
    Password:
    router1#config t
    Enter configuration commands, one per line.  End with CNTL/Z.
    router1(config)#router ospf 100
    router1(config-router)#network 148.43.200.0 0.0.0.255 area 0
    router1(config-router)#passive-interface f0/0
    router1(config-router)#^Z
    router1#

DO NOT make f0/0 passive if that interface is part of a Broadcast Multi-Access OSPF segment: a passive interface sends no hellos, so no neighbors can form on it.


Configuring SNMP

    Password:
    router1>en
    Password:
    router1#config t
    Enter configuration commands, one per line.  End with CNTL/Z.
    router1(config)#snmp-server community public ro
    router1(config)#snmp-server community private rw
    router1(config)#snmp-server enable traps
    router1(config)#snmp-server host 148.43.200.3 public
    router1(config)#snmp-server trap-source loopback0
    router1(config)#^Z
    router1#

public and private are the well-known default community strings, and private is configured read-write: anyone who can reach the router's SNMP port with that string can change its configuration. Outside the lab, use unique community strings restricted by an access list (snmp-server community <string> rw <acl>), or SNMPv3 with authentication and privacy.
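The SNMP snippet above uses the well-known community strings with read-write access, and the earlier line passwords are stored unencrypted; both are fine in the lab but are exactly what an attacker looks for in a leaked configuration. The following Python is an added example, not course material: a small audit that flags those conditions in an IOS-style configuration. The two sample configurations are constructed from the appendix commands as typed (show run would display the enable secret as a hash), and the hardened variant's community strings and access list are this example's own.

```python
"""Audit an IOS-style configuration for the weak settings seen in the appendix:
default SNMP communities, unrestricted read-write SNMP, cleartext line passwords
and a reversible enable password.  Added example; both sample configurations
are constructed from the appendix commands."""
import re
from typing import List

DEFAULT_COMMUNITIES = {"public", "private"}
COMMUNITY_RE = re.compile(
    r"^snmp-server community (\S+)(?:\s+(ro|rw))?(?:\s+(\S+))?", re.I)


def audit(config: str) -> List[str]:
    """Return one finding per weak setting; an empty list means nothing was flagged."""
    lines = [l.rstrip() for l in config.splitlines()
             if l.strip() and not l.startswith("!")]
    findings: List[str] = []
    has_pw_encryption = any(l.strip() == "service password-encryption" for l in lines)
    if not any(l.startswith("enable secret") for l in lines):
        findings.append("no enable secret configured")
    section = ""
    for line in lines:
        if not line.startswith(" "):          # a top-level command starts a new section
            section = line
        m = COMMUNITY_RE.match(line)
        if m:
            community, mode, acl = m.group(1), (m.group(2) or "ro").lower(), m.group(3)
            if community.lower() in DEFAULT_COMMUNITIES:
                findings.append(f"SNMP community '{community}' is a well-known default")
            if mode == "rw" and not acl:
                findings.append(
                    f"SNMP RW community '{community}' is not restricted by an access list")
        elif line.startswith("enable password"):
            findings.append("enable password is reversible (use enable secret)")
        elif (section.startswith("line ") and line.strip().startswith("password ")
              and not has_pw_encryption):
            findings.append(
                f"{section}: password is stored in cleartext (no service password-encryption)")
    return findings


# Constructed from the appendix commands, as typed.
LAB_CONFIG = """\
hostname router1
enable secret secret
line console 0
 password console
 login
line vty 0 15
 password vty
 login
interface Loopback0
 ip address 148.43.200.1 255.255.255.255
snmp-server community public ro
snmp-server community private rw
snmp-server enable traps
snmp-server host 148.43.200.3 public
snmp-server trap-source Loopback0
"""

# Constructed hardened variant: community strings and access list 10 are this
# example's own, not values from the course.
HARDENED_CONFIG = """\
hostname router1
service password-encryption
enable secret secret
access-list 10 permit host 148.43.200.3
line console 0
 password console
 login
line vty 0 15
 password vty
 login
snmp-server community lab-monitor ro 10
snmp-server community lab-manage rw 10
snmp-server enable traps
snmp-server host 148.43.200.3 lab-monitor
snmp-server trap-source Loopback0
"""

if __name__ == "__main__":
    for name, cfg in (("lab", LAB_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit(cfg) or ["no findings"])
```

The audit treats service password-encryption as the minimum bar for line passwords; Type 7 strings are trivially reversible, so on real equipment prefer login local with username ... secret, and treat any SNMPv1/v2c community as a shared password that travels in the clear.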


For comments or suggestions on this publication, please email us at

[email protected]

Subject Line: Books
